The vulnerabilities perforating the global supply chain have remained dormant for many years. But the violent disruptions of the pandemic finally pushed these risks to the surface, revealing the detrimental impacts of their exploitation to the world.

On Thursday evening, around 6:25 PM, Uber announced that it was responding to a cybersecurity incident. While Uber hasn’t gone into details about what happened, the purported threat actor has openly corresponded with several security professionals, including Sam Curry at Yuga Labs, Corben Leo at Zellic.io and The New York Times. According to both Curry and Leo, multiple systems were impacted.

A successful building project requires vast data, from architects' drawings to engineers' calculations to builders' material lists. Projects can quickly become chaotic without a platform to unify and manage this data as important information gets lost in the shuffle. That's why it's vital to have a system for unifying design and construction project documents. By unifying all the data in one platform, everyone involved in the project can easily access the information they need when they need it.

With the cost of a data breach at an all-time high of $4.35 million and regulations worldwide imposing steeper penalties for compliance failures, organizations must ensure that they have all necessary security controls in place to keep their data safe. Implementing the CIS Controls provides a sound foundation for effective defense against cyber threats First developed in 2008, the CIS Controls are updated periodically in response to the evolution of both technologies and the threat landscape.

I know many will read this title and think that I am crazy. If I am compliant with NIST, HIPAA, ISO, PCI, etc., then I am running a secure network. And to a point that is true. But let’s look at it this way. If you are driving down the interstate at the posted speed limit and are keeping three car lengths between the driver in front of you, are you truly safe and secure on the interstate?

Ever heard of pretexting? And no, we’re not talking about when you first carefully draft a risky text message before sending it! Pretexting is a sneaky and highly effective form of social engineering that attackers use to dupe people into sharing their personal information.

The Covid-19 pandemic caused a seismic shift in remote working practices. Before the pandemic, 34% of US employees worked remotely at least one day a week. Now, as we emerge from the pandemic, 35% of Americans work from home full-time — with a further 23% able to work remotely part-time. This equates to approximately 92 million remote workers in the US alone. But this rise in remote working is causing significant corporate cybersecurity issues.

In theory, modern web frameworks provide secure ways of accessing databases, making SQL injections a non-issue. The reality looks much different. Among other injection vulnerabilities, SQL injections are still atop the OWASP Top 10, and organizations still frequently fall victim. Therefore there is no way around software security testing solutions that can reliably detect SQL injections.