Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Defending Against Social Engineering Attacks with Modern Insider Threat Management

Social engineering is an insidious way of getting "insider access" into an organization's network and data. Threat actors use it to gain sweeping access to carry out sophisticated attacks while evading detection. This "insider" leeway of social engineering makes it an alarming threat that cybercriminals are routinely exploiting now more than ever.

Q3 2021 Threat Landscape Ransomware in the Supply Chain

In a pattern of continued growth across the third quarter of 2021, ransomware remains the dominant threat type, more than doubling since 2021 Q1, fuelled by an exponential increase in the initial access broker marketplace. Incidents of unauthorized access and the risk of insider threats also increased, but to a far lesser extent, accounting for roughly 20% of incidents in the same period.

Malicious npm Packages Are After Your Discord Tokens - 17 New Packages Disclosed

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Most recently we disclosed 11 malicious packages in the PyPI repository, a discovery that shows attacks are getting more sophisticated in their approach.

What is Customer Journey Hijacking?

Imagine it’s December—the biggest sales time of the year. Your e-commerce site is up and running, complete with a robust and diverse inventory for buyers. A few days into the shopping season, you notice an unusually high number of cart abandonments and quite a few customers leaving after viewing a couple of different web pages. You check the web pages. They look fine—in fact, better than fine. (You spent a little extra this year improving the graphic design.) Everyone is stumped.

Sponsored Post

To Reinvent SOAR, Automation Is only a Feature

Security, by its very nature, is one of the most innovative fields on the planet. Every technological advancement carries with it a handful or more of new attack vectors, which in turn lead to a dizzying amount of security innovation as our industry works to mitigate risk and defend against threats. But for all this innovation, there are a few ways in which security lags far behind.

Cybersecurity in 2022, Predictions for digital ecosystem facing more challenges and sophisticated threats

In 2020, I published an AT&T blog called “Top Cybersecurity Trends & Predictions for 2020’”. In the article I had forecasted that cybersecurity would become even more of a strategic priority for companies as the cost, sophistication, and lethality of breaches would continue to rise.