With cyber criminals operating around the world, it’s more important than ever that businesses start understanding IT security. Afterall, 86% of UK organisations expect cyber attacks to increase, and 33% of hacked companies admit to losing customers after a breach. As an individual, a business, or a government or a nation-state, IT security is something that should be taken seriously.

With high-risk vulnerabilities popping up every other week, realising there is no such dream ‘patch everything’ and configuration changes slowly add up to weakening your infrastructure security. Vulnerability management and scanning are core components of a solid cyber security strategy, ensuring a sound risk management process. Vulnerability management helps an organisation keep an eye on their assets, both from asset management and operational security.

Detectify is on a mission to make the Internet safer through automation and crowdsourced hacker knowledge. We recently published “A guide to modern web application security” for SaaS and tech organizations looking to bring their security up to speed with development. Download your free copy of the guide here. Organizations are shipping code daily, making it challenging for security teams to keep track of changes in the web application and keep up with new security threats.

Cloud native has been a growing trend as organizations shift away from on-premise infrastructure and longer software release cycles towards a more iterative development approach using cloud-based tooling and infrastructure. While cloud native applications enable rapid deployments and greater scalability, this emerging software approach also introduces security challenges.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. I think we are all aware of phishing email, and how they apply urgency and alarm to entice you to click on something you shouldn’t. Well, Deliveroo in France thought it would be a great April Fool’s wheeze produce fake receipts for their customers. Didn’t go down well….

As we all prepare for a new life after Covid-19, more businesses than ever are looking at expanding their digital presence and making online their number one channel. Despite this, many are unaware and ill-prepared for the threats facing them as we all transition to a “new normal”. Thanks to the rollout of vaccines, the threat of Covid-19 is steadily diminishing and businesses are set to resume normal service.

Every spring, my family has an annual ritual of visiting our friendly primary care physician for our physical exams. Although it’s one of the last things my wife wants to do, these routine checkups are an important way to detect problems before they become more noticeable.

Over the last few weeks, Cyberint has witnessed an ongoing attack campaign targeting social media influencers, attempting to infect them with malware by impersonating large clothing retailers. The campaign targets influencers across multiple social media platforms but currently appears to mostly focus on influencers operating on YouTube. Further, although the infection process is not sophisticated, it is notable and appears to be evolving.

Businesses not taking cyber security seriously are undermining how important it is for growth. Cyber security is covers all aspects of protecting our sensitive data held in various forms, such as personally identifiable information (PII), health records, intellectual property, industrial systems, critical infrastructure, governments and military information.

Forrester’s Annual State of Application Security Report has become a touchstone for organizations on their journey to achieve AppSec maturity. As the software development industry and threat landscape continue to evolve, Forrester’s State of Application Security Report for 2021’s main message is that while applications are still a major attack vector, analysts found signs of hope in their research.