The world is filled with hackers and other criminals who hunt the web for unprotected small and medium-sized businesses. Cybercriminals understand that many businesses are not equipped to manage a breach, leaving them more vulnerable to attacks and less likely to respond. But that doesn’t mean your company has to remain passive in the fight … Read more
Perhaps one of the best Black Hat talks in recent years was renowned web security researcher Orange Tsai’s presentation about bypassing Server-Side Request Forgery (SSRF) defenses. Together with his team, Tsai proposed a “very general attack approach” to discover numerous zero-days in built-in libraries of widely-used programming languages including Java, PHP, Python, Perl, JavaScript and … Read more
Widespread transition to remote/hybrid work creates vast opportunities for cyber attackers. With much more data being stored in the cloud and employees toiling away in less-secure home-office environments, ransomware attacks have skyrocketed. All told, ransomware struck 66% of midsize organizations in 2021, up from 37% the previous year according to the State of Ransomware 2022 … Read more
Cybersecurity news is a curious thing. For the most part it’s bad news. Companies have been breached, risks are ever increasing and another billion-dollar crypto raid is under investigation. Feels like we have enough to be worried about in 2022 without adding more. Application security is a category within a category and has been top … Read more
What happens when two distinct teams with varied technological expertise, different incentive structures and contrasting priorities converge?—the answer is usually tension. During a recent discussion with colleagues, a completely different result was experienced. ‘Camaraderie’ is the word that immediately comes to mind when thinking about the veteran DevSecOps/engineering and security leaders. Sure there are still … Read more
The Russian invasion of the Ukraine was bound to have a part of the conflict rooted in cyberspace. The rise of crowdsourced security in the current war has taken an interesting turn.
Installing apps on a smartphone might seem like the most ordinary thing in the world. After all, we all have hundreds of them on our mobile devices. You just open an app store, find the app you like, tap the big Install button, and you’re ready to enjoy all the benefits of your latest download. … Read more
If you have been running your business for a while, you have likely read plenty of resources that tell you how you can protect your corporate and customer information against the potential of a data breach. As technology evolves, so do the threats that we face every day; therefore, it is important to remain protected. … Read more
With more and more users turning towards mobile use as their primary tool for accessing products and services, businesses must prioritize their mobile app security. The increased use of mobile devices makes companies more vulnerable to cyber-attacks and security breaches. And having an app in addition to a website can increase your security risks even … Read more
The importance of cybersecurity in the modern world cannot be understated. Over the last two years, we’ve seen cybercrime take off as criminals attempt to leverage pandemic fears and insecurities to steal money from the average citizen. COVID-19 birthed a second pandemic of cybercrime, and those using virtual tools for mental health services are uniquely … Read more
