The State of Server-Side Request Forgery Risks in 2022

Author(s):

Harry Wilson, Head of Digital Marketing Department, Globex Outreach

server-side request forgery

Perhaps one of the best Black Hat talks in recent years was renowned web security researcher Orange Tsai’s presentation about bypassing Server-Side Request Forgery (SSRF) defenses. Together with his team, Tsai proposed a “very general attack approach” to discover numerous zero-days in built-in libraries of widely-used programming languages including Java, PHP, Python, Perl, JavaScript and … Read more

Why Data Protection Must Be a Part of Every Cybersecurity Strategy

Author(s):

Ahsan Siddiqui, Director, Product Management, Arcserve

Data Protection - Ahsan Siddigui

Widespread transition to remote/hybrid work creates vast opportunities for cyber attackers. With much more data being stored in the cloud and employees toiling away in less-secure home-office environments, ransomware attacks have skyrocketed. All told, ransomware struck 66% of midsize organizations in 2021, up from 37% the previous year according to the State of Ransomware 2022 … Read more

Application Security Should Be A Badge Of Honor, Not A Wall Of Shame

Author(s):

Mark Hamill, Director of Product Management, Cobalt

Application Security

Cybersecurity news is a curious thing.  For the most part it’s bad news.  Companies have been breached, risks are ever increasing and another billion-dollar crypto raid is under investigation.  Feels like we have enough to be worried about in 2022 without adding more. Application security is a category within a category and has been top … Read more

Fixing Vulnerabilities at Speed—How Engineering and Security Can Achieve True DevSecOps

Author(s):

Jay Paz, Senior Director of Delivery, Cobalt

Engineering and Security

What happens when two distinct teams with varied technological expertise, different incentive structures and contrasting priorities converge?—the answer is usually tension. During a recent discussion with colleagues, a completely different result was experienced. ‘Camaraderie’ is the word that immediately comes to mind when thinking about the veteran DevSecOps/engineering and security leaders. Sure there are still … Read more

The Importance of Cybersecurity in Mental Health Services

Author(s):

Frankie Wallace, ,

Cybersecurity in Mental Health

The importance of cybersecurity in the modern world cannot be understated. Over the last two years, we’ve seen cybercrime take off as criminals attempt to leverage pandemic fears and insecurities to steal money from the average citizen. COVID-19 birthed a second pandemic of cybercrime, and those using virtual tools for mental health services are uniquely … Read more