Bots are rampant across the web – in fact, around 50% of all web traffic is automated or invalid, i.e., doesn’t come from a real user with genuine interest. While some of this traffic is good and useful, for example, search engine crawlers and content aggregators, a high percentage is malicious. Hosting bad bots on your server can result in a plethora of problems for your website and business, from damage to your brand reputation to excessive financial and technical costs.

Artificial intelligence (AI) is playing an increasingly important role in cybersecurity. This is confirmed by a recent Pulse survey of 191 senior executives from companies on four continents: two out of three organizations (68%) say they are using tools that use AI technologies and among those who are not yet using AI, 67% are considering adopting it.

Businesses have always had to manage risk – everything from operational, financial, or strategic risks; to other risks that are reputational, regulatory, or cybersecurity-related. So how does enterprise risk management (ERM) work today, when so many businesses are moving so much of their operations into the cloud? How can CISOs and other senior executives take traditional ERM principles and apply them to the cloud-based technology that underpins so much of the modern enterprise?

Risk culture is the set of shared beliefs, attitudes, and understanding among a group, usually in a corporate environment, about risk and risk management practices. A company has a strong risk culture when all employees understand the business and regulatory landscape in which the organization functions, and what risks are acceptable within that landscape to achieve business objectives.

At times, the quest to stay on top of web application security can seem futile. It seems as though the adversaries are always a step ahead, and all we can do is try our best to contain the breaches. In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals.

Moving into 2022, looking back at the plentiful year of 2021, regarding security, we at the Cyberint Research Team will try and shed some light on the upcoming year: the key security risks and threats, and what we feel will change in the coming year. We will focus on the actions required to be as vigilant and protected as possible.

Traditionally, we start the new year with resolutions. We want to do more good things, like working, other things we try to eliminate. Considering the latter, my 2022 resolution is to stop accidentally exposing confidential information while I hack my application during demos on stage or similar. Yes, this new years resolution sounds very specific, and it has an excellent security horror story behind it…

In the early days of 2022, two extremely popular JavaScript open source packages, colors.js, and faker.js, were modified to the point of being unusable. The reason for this event can be traced to various motivations, but what is worth mentioning is that several applications that employed those dependencies were involved. The two impacted packages can be used for different purposes in JavaScript applications. colors.js enables color and style customization in the node.js console.

You can't do business without your vendors. They support critical elements of your organization, from cloud storage services to payment processing to physical items like office supplies or physical components. Your vendors make your organization run more efficiently – but sometimes at a risk to your financial, reputational and operational resiliency.