Ransomware appears to be one of the most expensive and disruptive internet afflictions. It is a type of malware that encrypts the victim's files and vital information, and hackers demand payoffs to provide the decryption keys. While ransomware is not any new form of attack on cybersecurity, the prevalent scenario is indeed alarming; the following numbers corroborate the same- It seems that individuals and organizations are likely to get affected by ransomware attacks even in 2023 and beyond.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. This blog was jointly authored with Arjun Patel. GuLoader is a malware downloader that is primarily used for distributing other shellcode and malware such as ransomware and banking Trojans.

The findings from a recent Gartner Peer Insights survey- Cybersecurity in the Healthcare Industry- show that nearly half of participating healthcare organizations have experienced a data breach in the past two years. As the number of connected and unmanaged devices increases, threats targeting IoT, IoMT and OT devices can undermine patients' confidence in the ability of healthcare organizations, and the industry as a whole, to deliver high-quality care and protect their safety.

It is common in India to ask for a driving licence for proof of identification be it for renting a house or giving away a bride, it is the longest-standing ID for Indians after Voter’s ID. By using a digital driving license verification solution, checking driving licence numbers can be done remotely, and only verified customers or users can be allowed access to digital platforms, online services, and secure shared economy services like renting a car or booking a hotel online.

In a year where headlines were dominated by the global economic and geopolitical uncertainty around Russia’s war on Ukraine, 2022 saw a threat landscape that was both volatile and fragmented, largely due to the war. As the year drew to an end, ransomware hit a peak, primarily due to the rise in attacks impacting the manufacturing, health care, technology and telecommunications industries.

When Arctic Wolf surveyed over 900 decision makers across the globe, an area of cybersecurity that kept reappearing in responses was cloud security. Last year, cloud adoption rate was at 99% but only 19% of those organizations were implementing cloud security posture management (CSPM) solutions. As cloud-originated breaches increase, it’s no surprise then that cloud concerns are also rising.

Free and open access is one of the core principles upon which Elastic was originally built and continues to operate. Our products are free to use, and much of our code is accessible in public source code repositories. In recent years, this commitment to transparency and availability has extended to our security offerings.

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.

I was inspired to write this after reading a post from Thomas Depierre on Mastodon. The post touched on something that’s been troubling me recently. When it comes to software security, we spend a lot of time talking about the software supply chain and related concepts, such as the software bill of materials (SBOM). This metaphor comes from an industrial lexicon. People who are used to talking about economies and how manufacturing works are familiar with the idea of supply chain.

Mass assignment, also known as autobinding or object injection, is a category of vulnerabilities that occur when user input is bound to variables or objects within a program. Mass assignment vulnerabilities are often the result of an attacker adding unexpected fields to an object to manipulate the logic of a program.