Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Dell's API Security Failure: How 49 Million Records Were Exposed #dell #DataBreach #dataleaks

Nov 14, 2024 By Wallarm In Wallarm
In this video, we examine two significant API security failures, each with devastating consequences. The first breach used a simple trial-and-error method, exploiting broken access control to impact 10 million users. In the Dell example, API abuse exploited a lack of validation and rate limiting, allowing an attacker, posing as a partner, to scrape 49 million records over several weeks. These cases highlight the importance of robust API security practices, especially for business processes and access control. Watch to learn key takeaways on protecting APIs from similar attacks.
View Video
CalCom

Understanding Repo_GPGcheck

Nov 14, 2024 By Ben Balkin In CalCom
Repo_GPGcheck ensures linux verifies the authenticity of software packages downloaded from repositories, reinforcing overall system security and safeguarding against unauthorized software sources. A repository in Linux is a storage location where software packages are managed and organized. When installing or updating software, Redhat based Linux systems pull the required packages from these repositories using the YUM (Yellowdog Updater, Modified) package manager.
Read Post
Internxt

Password vs Passphrase: What's the Difference and Which is Better?

Nov 14, 2024 By Internxt In Internxt
It’s almost impossible to use the internet without setting up a password, they are the heart of managing our accounts online. We all know the importance of preventing access to our accounts. Unfortunately, passwords are always at risk from hackers trying to access our accounts. Even if you have the strongest password available, with one accidental click on a phishing email or spoofed website, we could accidentally give cybercriminals access to our accounts or sell our accounts on the dark web.
Read Post
cyphere

Major cyber attacks and data breaches of 2024

Nov 14, 2024 By Harman Singh In Cyphere
As 2024 draws to a close, the cybersecurity landscape continues to evolve, marked by both familiar adversaries and emerging threats with newer technologies and improved tactics. Rather than merely cataloguing breaches, we look into the anatomy of significant cyber attacks, associated vulnerabilities that led to such events, and relevant controls. We’ve chronicled key developments month by month, offering a comprehensive view of the cyber attacks of 2024 narrative that would help you learn lessons.
Read Post
nucleus

Understand How Internet Exposure Impacts Vulnerability Management and Cyber Risk

Nov 14, 2024 By Aaron Unterberger In Nucleus
As organizations continue to embrace digital transformation, their infrastructure increasingly spans cloud environments, third-party integrations, and remote work setups. This shift enhances efficiency and productivity—but also broadens the digital attack surface, creating new points of exposure to the public internet.
Read Post
datadog

Best practices for monitoring LLM prompt injection attacks to protect sensitive data

Nov 14, 2024 By Thomas Sobolik In Datadog
As developers increasingly adopt chain-based and agentic LLM application architectures, the threat of critical sensitive data exposures grows. LLMs are often highly privileged within their applications and related infrastructure, with access to critical data and resources, making them an alluring target for exploitation at the client side by attackers. In particular, LLM applications can be compromised to expose sensitive data via prompt injection attacks.
Read Post
cyberint

Not Your Grandfather's Hacktivists: How Hacktivism Has Evolved

Nov 14, 2024 By Coral Tayar In Cyberint
Hacktivism – the practice of carrying out cyberattacks to advance political or social goals – is not new. Hacktivist attacks go as far back as the 1980s. Yet today’s hacktivists often look and operate in ways that are markedly different from their predecessors. They’ve embraced new techniques, they often have more resources at their disposal and they can prove more challenging to stop.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.