The Payment Card Industry Data Security Standard (PCI DSS) is the gold standard for protecting cardholder data. With the recent release of version 4.0, the focus on securing APIs has intensified. But what does this mean for your organization, and why shouldn't you take API security with a grain of salt (pun intended)?

Improve workflows with collaborative incident management to minimize vulnerabilities and enhance productivity with GitGuardian while empowering developers via ggshield.

ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different variants of its router models. Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8 (critical), the vulnerability permits remote attackers to take control of the affected router models without needing any login credentials.

Imagine your financial data behind a seemingly impenetrable wall, but in reality, it's akin to a fortress with invisible cracks. That is a world without Threat-Led Penetration Testing (TLPT). As cyber threats become more nuanced and lethal, TLPT stands as a specialised sentinel in the arsenal of financial institutions, safeguarding sensitive assets through the simulation of real-world attacks.

THORChain is a network that facilitates native asset settlement between various blockchains including Bitcoin, Ethereum, BNB Chain, Cosmos, and more. Overall, THORChain aims to provide a seamless and efficient way for users to exchange assets across different blockchains while maintaining a high level of decentralization, security, and community participation.

The explosive growth of TikTok in schools isn’t just a trend—it’s a cybersecurity ticking time bomb. From rampant exposure to harmful content to severe data privacy concerns, TikTok’s unchecked influence poses significant threats to the safety and well-being of students, as well as compromising the technical infrastructure and sensitive data of schools.

A SaaS Backup solution should definitely be considered in your data protection strategy. Backups generate copies of your data, and as a consequence allow for a quick recovery in case of data loss due to accidental (or intentional) deletions, cyber-attacks, or outages.

This is a Bulletproof Tech Talk article: research from our penetration testing team covering issues, news, and tech that interests them. It’s more technical and in-depth that our usual blog content, but no less interesting. In the complex landscape of Active Directory, ensuring secure and appropriate access is a constant challenge. Recently another "ESC" technique has been released which is known as ESC13.

To find out, check out Episode 23 of the Cyjax Geopolitical and Cybersecurity Podcast. Here’s a summary of what’s on the table…

Devo recently brought together an esteemed panel of modern CISOs to discuss the issues that matter most to them and their peers. Included in the panel were: It was a lively discussion that covered important topics around the evolution of one of the top security executive roles. Here are five of the key takeaways that bubbled up from the hour-long CISO panel.