In December 2020, I wrote the article Serialization and deserialization in Java: explaining the Java deserialize vulnerability about the problems Java has with its custom serialization implementation. The serialization framework is so deeply embedded inside Java that knowing how dangerous some implementation can be is important. Insecure deserialization can lead to arbitrary code executions if a gadget chain is created from your classpath classes.

There’s a shift in the world of DevOps. It is no longer enough to create applications and just launch them into the cloud. In a world where entire businesses can exist online, securing your digital assets is as important as creating them. This is where DevSecOps comes in. It is the natural progression of DevOps — with security being a focus as much as the process of creating and launching applications.

67% of the malware downloads Netskope blocks come from popular cloud applications being abused by attackers. One of the services commonly abused by threat actors is Discord, which is abused to host malware such as TroubleGrabber using public attachment URLs. In this blog post, we will analyze a recent DBatLoader (a.k.a. ModiLoader) sample that uses this technique on Discord to deliver a malware known as Warzone (a.k.a. Ave Maria), a Remote Access Trojan created in 2018.

Before I joined the security industry, I was an end user. Coming in with that first-hand experience equips me to talk about secure remote access from multiple perspectives: as a vendor and as a practitioner. This lets me see the technologies available and also understand the drivers and issues engineering orgs face adopting them, particularly with onboarding engineers. I’ve been a support engineer for over 20 years, across Operations and System & Database Administration.

During a ransomware attack, a victims vital internal processes are seized and encrypted, completely forcing their business offline. These crippling actions are only reversed if a ransom payment is made. Ransomware attacks are an escalating threat to global security and the Australian Government is taking a firm stance against it. With global ransomware damage costs predicted to reach $20 billion and increasing cyberattack complexity, this isn't a fight a single country can win alone.

The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. The government’s Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure, including two American organisations working in the food and agriculture sector.

The General Data Protection Regulation (GDPR) is designed to protect the personal data of EU residents by regulating how that information is collected, stored, processed and destroyed. The data security and privacy law applies to all organizations that collect the personal data of European Union citizens, regardless of location. The penalties for noncompliance with GDPR requirements are stiff. Many organizations are struggling with how to comply with GDPR.

Containers have changed how applications are developed and deployed, with Kubernetes ascending as the de facto means of orchestrating containers, speeding development, and increasing scalability. Modern application workloads with microservices and containers eventually need to communicate with other applications or services that reside on public or private clouds outside the Kubernetes cluster. However, securely controlling granular access between these environments continues to be a challenge.

As cybercrime rises, businesses need to erect defenses against attacks in all their operations. Supply chains are particularly vulnerable, with cyberattacks against them increasing 42% in Q1 2021, affecting 7 million people’s data. Supply chains make ideal targets for cybercriminals since they hold sensitive data, often have large attack surfaces and are mostly unprotected. As such, they should be a focus for businesses’ cybersecurity efforts.

Every day healthcare providers must undertake the nerve-racking task of complying with an increasing number of healthcare regulations. According to one report, the healthcare industry spends nearly $39 billion every year on the administrative burdens of regulatory compliance. Today healthcare organizations must comply with more than 600 regulatory requirements.