Beware the man in the cloud: How to protect against a new breed of cyberattack
One malicious tactic that has become quite prevalent in recent years is known as a ‘man in the cloud’ (MitC) attack. This attack aims to access victims’ accounts without the …
Machine learning trumps AI for security analysts
Machine learning is currently one of the biggest buzzwords in cybersecurity and the tech industry in general, but the phrase is often overused and misapplied, leaving many …
Cybercrime could cost companies trillions over the next five years
Companies globally could incur $5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, as dependency on complex internet-enabled …
Researchers analyze DDoS attacks as coordinated gang activities
In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit …
Week in review: SD-WAN deployment, security DevOps, a new taxonomy for SCADA attacks
Here’s an overview of some of last week’s most interesting news and articles: Compromised ad company serves Magecart skimming code to hundreds of websites The …
Most Facebook users aren’t aware that Facebook tracks their interests
Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their …
Mining malware evades agent-based cloud security solutions
Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining …
New infosec products of the week: January 18, 2019
XebiaLabs launches new DevOps risk and compliance capability for software releases The XebiaLabs DevOps Platform provides a single pane of glass for technical and business …
New requirements for the secure design and development of modern payment software
The PCI Security Standards Council (PCI SSC) published new requirements for the secure design and development of modern payment software. The PCI Secure Software Standard and …
Protecting privileged access in DevOps and cloud environments
While security strategies should address privileged access and the risk of unsecured secrets and credentials, they should also closely align with DevOps culture and methods to …
Risk managers see cybersecurity as the biggest threat to business
Sword GRC canvassed amost 150 risk managers from highly risk-aware organizations worldwide for their opinions. Overall, cybersecurity was seen as the biggest risk to business …
773 million records exposed in massive data breach
Someone has compiled a massive collection of email addresses and plain text passwords, apparently from 2000+ hacked databases, and has made the trove freely available for …
Featured news
Resources
Don't miss
- Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
- Self-sovereign identity could transform fraud prevention, but…
- Ghidra 11.3 released: New features, performance improvements, bug fixes
- Ransomware payments plummet as more victims refuse to pay
- The overlooked risks of poor data hygiene in AI-driven organizations