Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Attackers Abuse DocuSign to Send Phony Invoices

Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm. “Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard,” Wallarm says.

Analyzing Play and LockBit: The Top Ransomware Threats Facing Retailers

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. Retailer databases are chock-full of information that makes them highly attractive targets for ransomware gangs, as highlighted by Trustwave SpiderLabs in its recent 2024 Trustwave Risk Radar Report: Retail Sector.

What Is Remote Browser Isolation?

Remote Browser Isolation (RBI) is a cybersecurity solution that significantly reduces cyber threats by allowing you to browse the internet on an isolated server. Also referred to as browser isolation, RBI effectively separates web content from your device, significantly reducing the attack surface. By implementing an RBI solution, your organization can protect users against online threats, block malicious content from reaching computers and support Zero Trust Network Access (ZTNA).

Can Someone Steal Your Identity With Your ID?

Yes, someone can steal your identity with your government-issued ID or driver’s license. Any documents that contain Personally Identifiable Information (PII) – including your full name, home address, date of birth, photo or even your signature – can be used to steal your identity and target you with phishing scams. Continue reading to learn what someone can do with your ID, how to tell if someone is using your ID, what to do if your ID is lost or stolen and how to keep your ID safe.

Support Universal ZTNA with Netskope One Private Access

As hybrid work becomes the norm, it’s clear that traditional virtual private networks (VPNs) and network access control (NAC) solutions are falling short. Once the gold standard for secure remote access, VPNs now pose more problems than solutions—think slow performance, security risks, and complex operations.

Protect your applications from zero-day attacks with Datadog Exploit Prevention

Due to their numerous components and dependencies, web applications often have multiple vulnerabilities—many of them unknown and susceptible to zero-day attacks—that can be exploited by malicious HTTP requests. Determining whether a vulnerability exists is challenging without visibility into an application’s real-time data and event flows, which isn’t possible with existing firewall-based solutions.

Runtime security in multi-cloud environments: best practices and importance

Runtime security in multi-cloud environments encompasses the continuous monitoring and protection of cloud-based resources during their active operation. Unlike traditional security approaches that focus on static configurations or pre-deployment checks, runtime security emphasizes: This approach ensures that potential risks are identified and mitigated in real-time, providing an additional layer of protection against both known and emerging threats in complex multi-cloud setups.

Introducing The 403 Circle by Astra

This Cyber Security Awareness month, we’re thrilled to launch The 403 Circle, our new community-driven approach to building a safer world. It isn’t for everyone, but it might be for you. We are surrounded by an overwhelming trove of information, from AI chatbots and mile-long whitepapers to social networks or ‘communities’ that treat you like a product—to acquire, upsell, and renew contracts. At Astra, we strive to simplify proactive security.

AI-Powered APIs: Expanding Capabilities and Attack Surfaces

AI and APIs have a symbiotic relationship. APIs power AI by providing the necessary data and functionality, while AI enhances API security through advanced threat detection and automated responses. In 2023, 83% of Internet traffic traveled through APIs, but there was a 21% increase in API-related vulnerabilities in Q3 2024, severely impacting AI. The relationship between AI and APIs expands capabilities while simultaneously increasing potential vulnerabilities.