We are going through a period of huge security and networking upheaval. Transformation projects are afoot in the vast majority of organisations and architectural ideologies are shifting towards SASE and Zero Trust. We are all seeing and experiencing this first hand, but anecdotal tales of how organisations are handling these changes are inconsistent. Some are seeing security teams expanding, while others are decentralising the team and distributing security expertise across project taskforces.

Black Friday is a long-awaited day for many people, as it generates a lot of sales in both physical stores and online marketplaces. With the ongoing COVID pandemic, online sales are expected to be even more intense this year, and along with that, we will likely see an increase in cyber scams. Attackers will try to steal your money in many ways: through phishing sites, banking malware, remote access trojans, and more. However, there is one type of malware that people often underestimate: adware.

Networks form a critical core for our modern-day society and businesses. These networks are comprised of many types of components that make up the networks’ infrastructure. Network infrastructure devices can be physical or virtual and include things such as routers, switches, firewalls, and wireless access points.

You can build the best system in the world, but it won’t matter if no one uses it. That might sound obvious, but it’s often overlooked. Getting your users to buy into a new system is not as easy as flipping a switch. It takes planning, initiative, and reinforcement to make sure your software is broadly adopted.

In a recent Quarterly Index report, Netacea’s Threat Research Team listed the top five scalper bot targets of Q3 2021 and predicted the items most sought after by bots for Black Friday and the festive shopping season. But scalper bots (or grinch bots) have already been hard at work ahead of Christmas, depriving genuine consumers of luxury advent calendars and limited-edition toys in the run up to peak retail period.

In Distributed Denial of Service (DDoS) a system or network is flooded with online traffic from multiple sources in an attempt to make it unavailable. Cybercriminals take advantage of protocol or DNS server vulnerabilities that they exploit to launch attacks. Moreover, in larger scale attacks, they may use malware that infects thousands of hosts that target the victim to block it, all of them with different IP addresses, which is known as a botnet.

Few concerns keep business leaders up at night like the threat of a cybersecurity incident. With the average cost of a data breach exceeding $4 million for the first time and public sentiment, regulatory requirements and practical functionality firmly against companies that can’t protect their digital landscape, many leaders are reprioritizing cybersecurity in response to this increasingly urgent reality.

Exchange admins now have another exploit to deal with despite still reeling from a number of high profile attacks this year including ProxyLogon and ProxyShell. A new high severity Remote Code Execution (RCE) exploit for on-premise Exchange Servers has been published and is being actively exploited in the wild.

New software and assets introduced into your network are, by default, configured to be multifunctional and convenient to use, but they’re not always the most secure. IT teams also make constant changes to systems’ configurations, leading to inevitable security gaps. Maintaining secure configurations in assets and software is essential for organizations that want to avoid potential cyberattacks or face costly audit penalties.

We’re pleased to announce new functionality within the Snyk Vulnerability Scanner extension for Visual Studio Code, making it easier for developers to find and fix vulnerabilities and license issues in their open source dependencies! To help developers take more responsibility for the security of their applications, security tools must be able to integrate seamlessly into existing workflows and the tools developers are using on a day-to-day basis.