Why APIs Are the #1 Target for Modern Cyber Attacks
Forget zero-days. Attackers now focus on API logic flaws like BOLA and IDOR to steal data using legitimate requests.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Preventing Supply Chain Cyberattacks: Lessons from the Marks & Spencer Breach
As more details of the April ransomware attack on UK retailer Marks and Spencer are made public, we are directly witnessing the cascading repercussions that organizations face when victimized by a well-thought-out and properly executed attack. In the specific case of M&S, the UK retailer is dealing with a supply chain attack, as M&S CEO Stewart Machin confirmed in a published report.
Make Your Business More Resilient with Proven Continuity Strategies
Possessing a resilient business allows for easy maneuvering around competitors during cyberattacks or supply-chain ordeal. In modern business, agility is paramount. New technologies and shifting markets have the potential to rapidly catalyze change. Still, external factors such as cyber attacks and natural disasters can disrupt the flow of even the most nimble businesses.
Catching Up on Cloud Attack Paths with Cloud Threat Specialist Sebastian Walla
Today’s adversaries are increasingly operating in the cloud — and Sebastian Walla, Deputy Manager of Emerging Threats at CrowdStrike, is watching them. In this episode, he joins Adam and Cristian to dive into the latest cloud attack techniques and the adversaries behind them.
How To Mitigate the Risk of Ransomware Attacks
Ransomware attacks can damage businesses by locking them out of sensitive data. Watch this short video to learn 10 best practices to mitigate ransomware attacks in your organization.
CTI Roundup: Hazy Hawk, Remcos RAT, and npm Phishing
Hazy Hawk uses DNS records to target domains, a new malware campaign delivers fileless Remcos RAT, and threat actors combine AES encryption and malicious npm packages in a novel phishing attack.
Layer 7 DDoS Attack Methods
A10 Networks' security experts Jamison Utter and Carlo Alpuerto delve into comprehensive DDoS protection. In this segment, Carlo Alpuerto explains how attackers exploit Layer 7 DDoS methods, such as slow POST attacks and other slow-rate techniques (potentially referring to "slow patches" or similar application-layer attacks), to disrupt services. Whether you're a security professional, network administrator, or business leader concerned about cyber resilience, this expert conversation provides actionable insights to strengthen your organization's DDoS protection posture.
Featured Post
Why Codefinger represents a new stage in the evolution of ransomware
Forget typical ransomware! Codefinger hijacked cloud keys directly, exposing backup flaws and shared responsibility risks. Time to rethink defence. If you didn't pay much attention to news of the recent Codefinger ransomware attack, it's possibly because ransomware has become so prevalent that major incidents no longer feel notable. But Codefinger is not just another ransomware breach to add to the list of incidents where businesses lost sensitive data to attackers. In key respects, Codefinger represents a substantially new type of ransomware attack.
How To Reduce Your Attack Surface with Secure Password Management
With the rise of remote work, cloud computing and mobile devices, your organization’s attack surface is larger than ever. Watch this short video to learn what an attack surface is, how to identify security vulnerabilities and five ways to minimize your attack surface.
The Change Healthcare hack wasn't just a breach-it was a wake-up call
"The US healthcare system is broken" is not an uncommon phrase. With no universal healthcare coverage, administrative inefficiencies, and an under-resourced primary care system, it's so bad that falling ill could very well bankrupt a citizen.