Let me tell you a story. Not a bedtime story or the sort of happy-ending story you’d read to your kids. This is a darker, much more serious story. It’s a story about cybersecurity. Specifically, it’s a story about attack stories. You may be asking yourself, what is an attack story? Every cyberattack has a story. And that story consists of a sequence of steps adversaries take to learn, access and control the resources and data of the victims they’re pursuing.

A few days ago, security researcher Neil Madden published a blog post, in which he provided details about a newly disclosed vulnerability in Java, CVE-2022-21449 or “Psychic Signatures”. This security vulnerability originates in an improper implementation of the ECDSA signature verification algorithm, introduced in Java 15.

Enterprise software projects increasingly depend on third-party and open source components. These components are created and maintained by individuals who are not employed by the organization developing the primary software, and who do not necessarily use the same security policies as the organization. This poses a security risk, because differences or inconsistencies between these policies can create overlooked areas of vulnerability that attackers seek to exploit.

On March 31, 2022, the Security Legislation Amendment Critical Infrastructure Protection Act 2022, also known as SLACIP, was passed by the Australian Parliament. The SLACIP Act aims to build upon the SOCI Act framework to improve the security of Australia’s critical infrastructures. To learn how the SOCI Act reforms will affect you and for guidance on how to comply with its new risk management requirements, read on.

Ransomware attacks and data breaches seem to be continuously contending for the top positions in news feeds. But what's the difference between these cyber threats and which should you be most concerned about? For a comprehensive breakdown of each type of cyberattack, read on.

Image source: Freepik This blog was written by an independent guest blogger. As eCommerce grows, there are more issues concerning payments and security. Customers still don’t enjoy a smooth user experience, can’t access fraud-free transactions, and there are still many declined transactions. Online shopping still lacks a seamless experience due to the risks of storing and handling sensitive account data.

To uncover how to build the best data strategy for your business, we chat with Adam Ryan, Calligo’s Chief Data Officer for Data Strategy on what to do, what to avoid – and everything else in between…

Today, connected vehicles are proliferating, smart cities are translating from vision to reality, and cloud-based connectivity services are increasing. Advanced connectivity solutions like 5G, cloud-based services and automations, and personalized experiences are redefining in-vehicle experiences. In addition, the growth of an intelligent Edge, smart infrastructure, and the Internet of Things are pushing the boundaries of the connected car.

Passwords are the first line of defence for protecting your devices and systems against improper access and malicious actors. They are used across almost all digital systems including software, cloud and infrastructure. Therefore implementing effective password management is one of the simplest ways of improving your cyber defences. And the best part? It costs next to nothing to have in place.

SecurityScorecard’s own Ondrej Krehel talks with News 12 in New York about how to protect yourself from what might be the most surreal spam number of all—your own. Most of us are used to getting spam texts: You’ve paid your bill, click this link for a free gift! You’ve won the sweepstakes, click here to redeem! It’s no surprise that nothing good comes from clicking those links.