Recently, Snyk added Social Trends to its vulnerability data . This new indicator shows you what vulnerabilities are trending so you can better prioritize remediation. Our research team found out that there is a strong correlation between socially trending vulnerabilities and the existence of exploits that can actually harm your application.

First observed in 2020 and advertised on various cybercriminal forums as a 'Malware-as-a-Service' (MaaS) threat, Redline is an information stealer mainly targeting Windows' victim credentials and cryptocurrency wallets, as well as Browser information, FTP connections, game chat launchers, and OS information such as system hardware, processes names, time zone, IP, geolocation information, OS version, and default language.

AWS GDPR compliance, privacy and personal data protection are one of the most common concerns among cloud teams that run workloads in the AWS Cloud. When thinking about the different mechanisms to protect privacy and gain trust from the users who utilize our services, Compliance is one of the words that comes to mind.

When it first burst onto the cyber security scene back in 2015, SOAR was dubbed by Gartner as a ground-breaking, revolutionary technology in the cyber security industry. Fast-forward 6 years, Security Orchestration, Automation and Response has lived up to those expectations and is rapidly growing its presence rapidly, with the SOAR market estimated to exceed $550 million by 2023 .

Teleport, an Access Plane company, is announcing today that it has secured $30M in Series B funding. The company also released its latest version of its offering, Teleport 7.0 – introducing identity-based access for MongoDB . This funding round is led by Kleiner Perkins and follows the company’s record-breaking quarter, with net new annual recurring revenue up 5x and total annual recurring revenue up 2.5x, compared to the second quarter of 2020.

Third-party risk is any risk brought on to an organization by external parties in its ecosystem or supply chain . Such parties may include vendors, suppliers, partners, contractors, or service providers, who have access to internal company or customer data, systems, processes, or other privileged information. While an organization may have strong cybersecurity measures in place and a solid remediation plan, outside parties, such as third-party vendors , may not uphold the same standards.

During a recent client engagement, the DGC penetration testing team identified a previously unknown vulnerability affecting the Autodesk Licensing Service, a software component bundled with nearly all licensed Autodesk products. The vulnerability exists in a software component common to most Autodesk products and impacts nearly all organizations using licensed Autodesk software in any capacity.

No discussion on ICS attacks could be complete without talking about what some would call, ‘the elephant in the room.’ Critical infrastructure has always been a target for warfare, and modern ICS are no exception. Several high-profile ICS disruptions have in fact been attributed to malicious hackers working at the behest of a military or intelligence agency.

The term DDoS attack refers to a malicious actor or group of actors intentionally trying to overwhelm a victim’s computer network with traffic. The large influx of network traffic being directed at the target can cause serious issues for legitimate traffic, such as regular users who need to access websites, data or services. Everyone from gamer sites to large enterprises fears the threat of distributed denial of service attacks.

Netacea surveyed 440 enterprise organizations based in the USA and UK across travel, entertainment, eCommerce, telecommunications and financial services to understand the cost of bot traffic on businesses. Our respondents indicated that they are aware of the increase in scale and frequency of bot attacks over the course of Covid-19 pandemic, with 85% more attacks occurring in 2020 vs. 2019.