Trustwave SpiderLabs recently undertook a survey of some 100 popular WordPress plugins for possible SQL Injection vulnerabilities. Some good news is that in the vast majority, no such vulnerabilities were identified. Most plugins were found to be using either prepared statements or suitable sanitization when incorporating user-controlled data in a query.
Black Hat USA 2021 kicked off this week and we enjoyed the show! In addition to hosting a Cards and Coding virtual casino night to discuss the future of cybersecurity (and give away some prizes), we held a Lunch & Learn with Wallace Dalrymple, CISO of Emerging Markets at Advantasure.
For the newest instalment in our series of interviews asking leading technology specialists about their achievements in their field, we’ve welcomed Mark Kerzner, software developer and thought leader in cybersecurity training who is also the VP at training solutions company, Elephant Scale. His company has taught tens of thousands of students at dozens of leading companies. Elephant Scale started by publishing a book called ‘Hadoop Illuminated‘.
As companies generate an ever-increasing amount of data, security information and event management (SIEM) becomes increasingly challenging. Cybersecurity professionals have more to manage, and as cybercrime rises, there is less time to do so. While big data poses challenges for security teams, it also presents an opportunity. As of 2019, 52.5% of organizations worldwide have been using big data, with another 38% planning to do so in the future.
Written by Devin Partida As companies generate an ever-increasing amount of data, security information and event management (SIEM) becomes increasingly challenging. Cybersecurity professionals have more to manage, and as cybercrime rises, there is less time to do so. While big data poses challenges for security teams, it also presents an opportunity. As of 2019, 52.5% of organizations worldwide have been using big data, with another 38% planning to do so in the future.
Cybersecurity attacks come in all sorts of ways and from all directions, so perhaps we should not be surprised at one of the latest trends in thieves trying to steal your organization’s data — “vishing” attacks, where they use the plain old telephone.
A vulnerability assessment is the process of identifying IT security weaknesses in your network, operating systems, firewalls, and hardware, and then taking steps to fix them. Penetration testing, also known as “pen testing,” is an intentional, simulated cyberattack against your IT systems to find vulnerabilities and test the efficacy of cybersecurity controls. Both are essential components of a comprehensive vulnerability management and network security protocol.
Ransomeware can be a company’s worst nightmare. It’s not simply “getting a virus” or “clicking on a malicious email.” It is a systematic plan created by hackers to take your private information. Once they have a foothold in your private data, they use their position to blackmail you into submitting a payment. Technology to prevent ransomware has gotten better but attackers have gotten smarter and more methodical.
DevOps and Agile are popular modern software development methodologies. According to the 14th Annual State of Agile Report, 95% and 76% of the respondents stated that their organizations had adopted Agile and DevOps development methods, respectively. Interestingly, both approaches have the same aim: deliver the end product as efficiently and quickly as possible.
