‍Ransomware attacks are dominating news headlines, with ransomware-as-a-service (RaaS) operators actively seeking to exploit network vulnerabilities and infect unsuspecting victims. The healthcare sector and financial industry are especially vulnerable to ransomware attacks, as they store valuable personally identifiable data (PII) which can be misused to carry out lucrative crimes, like identity theft and fraud.

Traditionally, we find the DPO (Data Protection Officer) in large and very large enterprises. Small and Medium-sized businesses most probably do not have a DPO. But that is going to change now. Why? After nearly two years of deliberations, the Joint Parliamentary Committee (JPC) finally chaired the Personal Data Protection (PDP) bill, 2019 in the Indian Parliament. This bill will ultimately pave way for the strongest data protection law in the world’s largest democracy.

Today’s developers move at increasingly rapid speed – making it more critical than ever to identify and resolve code vulnerabilities early in the software development lifecycle. By tackling security early – instead of waiting until testing and deployment – engineering teams can reduce unnecessary patching and maintenance cycles, reduce risks, and ensure timely delivery of new features.

We’re excited to announce Nightfall’s partnership with Cribl, the high scale, data processing and observability platform. Cribl’s platform gives companies greater value out of their data by serving as the core plumbing connecting all of your data platforms, allowing users to set up workflows and extract essential data for processing, analysis, or storage.

Imaging you’re applying for a loan. One of the important criteria required to obtain approval is the credit score. The higher the credit score, the higher your chances for getting a loan. Similarly, imagine you’re selling a product on a website. Potential buyers judge the quality of your product based on the reviews or ratings it has received from other customers. The higher the ratings, the higher the chances people will buy your products or services.

This blog describes the attack path we have uncovered during a recent penetration test of a web application, coupled with a back-end infrastructure assessment. Throughout we introduce different attack techniques and tools that can be used to attack the underlying infrastructure and APIs of a web application.

Over 20 years ago, USB flash drives, also known as thumb drives, were regarded as a breakthrough in portable data storage technology. Today, they are seen as a major security risk. If you must use a USB flash drive for data storage, there are ways to improve your data security. Read on to learn how to secure your thumb drive. If you’re aware of sensitive data and its storage requirements, skip ahead to our top 7 tips for securing your USB flash drive.

With the speed of technological advancements, one term is ubiquitous, Artificial Intelligence. Across various fields, AI is changing how we look at current technologies. One technology transformed with the implementation of AI is OCR, Optical Character Recognition. OCR can process images of text and convert them into a machine-readable format. It can take handwriting and printed documents and convert them into a digital format.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Say that again??? 22 year old vulnerability that was patched in 2017 is still finding victims.

Kroll has been tracking Emotet since it was first identified in 2014, especially during its transition from a banking Trojan designed to primarily steal credentials and sensitive information to a multi-threat polymorphic downloader for more destructive malware. Today, Emotet operators stand as one of the most prominent initial access brokers, providing cybercriminals with access to organizations for a fee.