cybersecurity
mHealth apps consistently expose PII and PHI through APIs
All of the 30 popular mHealth apps that were tested are vulnerable to API attacks that can allow unauthorized access to full patient records including protected health …
2020 vulnerability disclosures on track to exceed those from 2019
2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year, according to Risk Based Security. The team …
Researchers spot massive increase in RDP attack attempts
The COVID-19 pandemic continued to influence the cybercrime landscape in 2020, ESET reveals. Most notably, the new attack surface created by the shift to work from home …
Big Tech will try to pre-empt harsh privacy laws by writing their own
Over the past decade, the firms that make up the so-called Big Tech have captured enough of the global economy to resemble industrial cartels from a bygone era. Amazon, Apple, …
Protecting productivity within the disappearing perimeter
During the past year, business leaders have seen first-hand the benefits of adopting an everywhere enterprise model of working and are now carefully considering its role in …
Credential spill incidents nearly doubled since 2016
The number of annual credential spill incidents nearly doubled from 2016 to 2020, according to F5 research. There was a 46% downturn in the number of spilled credentials …
People are often the collateral damage of attacks on corporations
Thanks to cyberattacks making regular headlines in the news, it’s no secret that massive data breaches are a significant threat to organizations. However, a report from …
IPCDump: Open-source tool for tracing interprocess communication on Linux
Guardicore released IPCDump, a new open source tool for tracing interprocess communication on Linux. The tool covers most interprocess communication (IPC) mechanisms, …
Dark web analysis shows high demand for hackers
Positive Technologies’ experts have analyzed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing …
When it comes to vulnerability triage, ditch CVSS and prioritize exploitability
When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …
Collaboration is the key to a secure world-class sporting event
Securing any world-class event is a massive undertaking that requires teams of security professionals to coordinate with each other and constantly share information. I’ve seen …
The cost of synthetic fraud to reach new highs
A TransUnion research finds instances of synthetic fraud and outstanding balances for suspected synthetic accounts at U.S. financial institutions have declined significantly …
Featured news
Resources
Don't miss
- Fake Claude Code install pages highlight rise of “InstallFix” attacks
- Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity
- Turning expertise into opportunity for women in cybersecurity
- Open-source tool Sage puts a security layer between AI agents and the OS
- Iran-linked APT targets US critical sectors with new backdoors