Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Money Lover App Vulnerability Exposes Personal Info

An information disclosure vulnerability has been identified in Money Lover, a finance tracking application created by Finsify and available on Android, iOS, and the Microsoft Store, with a web interface. This vulnerability allows any authenticated user to view live transactions related to shared wallets.

Managing Administrator Privileges for Australia's Essential Eight Cybersecurity Compliance

The concept of least privileged access has been around for a while and is widely understood. However, overprivileged users with more rights than necessary, such as administrators, continue to be a common source of breaches. It’s such a concern that the restriction of administrative privileges is included in the Australian Government’s Essential Eight Maturity Model to mitigate cybersecurity incidents.

How to protect your car dealership from cyber-attacks

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Recent trends show that car dealerships are becoming a prime target for cyber-attacks, partly due to the rise in autonomous and connected vehicles. This is in addition to more traditional attacks such as phishing. Therefore, car dealerships are urged to take measures to improve their cybersecurity posture.

How Parallel Loop Empowers Torq Users to Rapidly Automate Bulk Data Processing Up to 10x

Torq is proud to introduce Parallel Loop, a new capability that enables users to process bulk data from myriad security tools with unprecedented ease. It also provides the power of orchestration like no other automation tool in the security automation industry with true parallelism. That means multiple tasks can be run simultaneously, and optionally, on multiple elastically-scaled compute resources, shortening the time workflow automations take to complete by 10x or more.

SecurityScorecard releases list of Killnet open proxy IP addresses

In the wake of Killnet’s latest DDoS attack on U.S. hospitals on January 30, SecurityScorecard has made its KillNet open proxy IP blocklist available to the public. This list is the product of the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team’s ongoing research into KillNet. We released this list to help organizations better defend themselves against KillNet and other groups like it by preventing traffic from exploitable assets.

ISO 27001 welcomes Threat Intelligence

In my previous article I defined what Cyber Threat Intelligence (CTI) is, described how to measure it and explained why it is important to implement a CTI program that can serve different stakeholders with different types of intelligence requirements in order to have a proactive security approach. 2022 was a productive year for ISO (International Organization for Standardization) security standards.

CyRC special report: Secure apps? Don't bet on it

The Cybersecurity Research Center conducted a security analysis of the 10 most popular Android sports and betting apps. With the Super Bowl approaching in the U.S., the Synopsys Cybersecurity Research Center (CyRC) set out to evaluate the 10 most popular Android sports and betting apps through the lens of supply chain security. We used Black Duck® Binary Analysis (BDBA) to examine the open source components used in these apps.

iOS vs. Android Phone Security: Which Mobile OS Is More Secure in 2023

In today's digital age, smartphones have become integral to our lives. They are our companions day in and day out, holding our personal information, photographs, and financial details. Statista reports that the Google Play Store currently boasts an impressive number of over 2.9 million apps. The figures indicate the growing popularity and success of Android application development companies in the market.