Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Content scraping: How does it affect your business?

Content scrapers are automated bots that steal your content from websites and mobile apps for their own use without permission, usually for malicious purposes. Content scrapers typically copy all the content from a webpage and portray it as their own content. Bots can scrape all of the content on a website in a matter of seconds, even for large websites such as eCommerce sites with thousands of product pages. These bots can scrape public website information such as text, images, HTML and CSS code.

CVE-2020-10189: Zoho ManageEngine Vulnerability Still Dangerous Nearly a Year Later - The Monitor, Issue 15

Zoho ManageEngine Desktop Central is an endpoint management solution offered by Zoho. A server running this software can push updates to managed systems, remotely control and lock them, apply access controls and more. In March 2020, a remote code execution (RCE) vulnerability was identified (tracked as CVE-2020-10189) in the ManageEngine software due to the deserialization of untrusted, user-controlled input in the getChartImage function of the FileStorage class within the application.

Desktop Central featured in 2021 Gartner Peer Insights Customers' Choice for UEM

At ManageEngine, customer satisfaction is not just a promise, but also a driving force behind everything we do. From resolving bugs to delivering a seamless experience, we always look forward to hearing what our users think about our solutions. That’s why we’re delighted to announce that ManageEngine Desktop Central has been recognized as a Gartner Peer Insights Customers’ Choice for Unified Endpoint Management Tools. To all of our customers who reviewed us, we want to say thank you!

Tips for minimizing security risks in your microservices

Organizations are increasingly turning to microservices to facilitate their ongoing digital transformations. According to ITProPortal, more than three quarters (77%) of software engineers, systems and technical architects, engineers and decision makers said in a 2020 report that their organizations had adopted microservices. Almost all (92%) of those respondents reported a high level of success.

Cyber security in universities: Threats, threat actors and defence

This blog post aims to provide an overview of the state of cyber security in universities and other higher education organisations. Security has been a challenge for a long time at schools, colleges and universities. Aligning ourselves with the glass-half-full attitude, these organisations and institutions have shown good progress with basic security controls. Information security is a prerequisite for various business dealings in the public sector, grant funding and procurement processes.

Purple teaming: Bridge between Red Teams and Blue Teams

Although offensive and defensive controls work towards the same goal, how do you ensure red and blue teamwork follow a collaborative approach? The answer is purple teaming. There is a gap between the red team and blue team capabilities in multiple ways i.e. approach, methodology, tool-sets and timelines. Both teams must work collaboratively and constantly to maximise their company’s investment towards ongoing defensive improvements.

How to hack smarter and find critical vulnerabilities with the new fuzzing engine

There is a common tendency that the typical DAST scanner finds the easiest to locate known security vulnerabilities. If you need to find vulnerabilities that are more difficult to detect – you need the help of security experts. But what if the DAST product could behave more like an automated hacker? The Security Research team at Detectify set themselves up to solve this problem and fundamentally upgrade the way we do fuzzing in our vulnerability scanner, Deep Scan.

Managing Security Debt: How to Reduce Security Deficit

Recent years have seen a sharp increase in the number of reported security vulnerabilities, along with quite a few notorious attacks on enterprise applications. Organizations have reacted by increasing their investment in AppSec and DevSecOps, including the widespread adoption of AST (application security testing) tools.

Nigerian fintech landscape

The saying “Good people, great nation” truly captures the essence of Nigeria- also known as the land of hope and opportunity. It is a nation that promotes healthy business growth with vibrant people with friendly energy expressed through diverse creative expressions. The development of the fintech industry in the past few years has been a shining star in the Nigerian economy, with the potential to shine brighter—even through the hurdles posed by the ongoing COVID-19 crisis.