Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SecurityScorecard recently participated and presented in the World Economic Forum’s (WEF) Annual Meeting on Cybersecurity, which brought together 160 leaders on cybersecurity, including: global Chief Information Security Officers (CISOs); academic thought leaders, heads of cybersecurity from multiple countries and entities (the United Arab Emirates, Canada, Singapore, Luxembourg, the European Union, and Interpol); and the CEOs of several major companies.

Recent API breaches drive home the urgency of robust security. In the T-Mobile data breach, for example, the attackers exploited vulnerabilities in an API to compromise sensitive customer data. This incident exposed millions of users to potential identity theft and underscored the devastating impact of API security lapses. Infiltrating through the API, the attackers gained unauthorized access to customer records, emphasizing the need for comprehensive protection measures.

AutoZone is a vehicle parts replacement provider and servicer. Hosting over 5,300 stores across North America alone, AutoZone is a recognizably local option for car owners stateside. AutoZone’s many locations require seamless system responses; they ensure efficient service by using applicable third-party services.

In 2022, more than 25,000 new CVEs were discovered and added to the NIST National Vulnerability Database. In just the first ten months of 2023, another 23,500 CVEs were identified and added to the NIST NVD. That’s more than 48,000 new vulnerabilities documented in less than 2 years! With so many new CVEs being identified all the time, vulnerability management can seem like an insurmountable challenge. Despite the staggering numbers, there’s good news.

Cybercriminals and threat actors use multiple vectors to infiltrate your IT network. They employ a series of coordinated steps as they… Impactful cyberattacks today are no longer executed as a simple virus with self-mutation capabilities, especially when many organizations rely on AI-enabled threat detection capabilities. They’re a lot more sophisticated.

In organizational risk management, Risk Tolerance and Risk Appetite are two fundamental concepts. These concepts are applied in areas such as business investing, decision making, cybersecurity risk management, and overall finance. While these concepts complement each other, they do have different meanings. A simple distinction is this: And there’s a bit more to it.

One of the most notable changes in cybercrime since the beginning of the 21st century has been the maturation of the illegal industry from individual hackers to full-on profitable businesses. E-Root, a global illegal marketplace, was taken down by law enforcement in 2020 but recently made the news as its admin faces 20 years in prison for selling stolen Remote Desktop Protocol (RDP) and Secure Shell (SSH) accounts.