In the ever-evolving landscape of cyber threats, a subtle yet potent form of phishing has emerged — quishing, short for QR phishing. It has been 30 years since the invention of QR codes, yet quishing still poses a significant risk, especially after the era of COVID, when QR codes became the norm to check statuses, register for events, and even order food.

Software code is constantly growing and becoming more complex, and there is a worrying trend: an increasing number of open-source components are vulnerable to attacks. A notable instance was the Apache Log4j library vulnerability, which posed serious security risks. And this is not an isolated incident. Using open-source software necessitates thorough Software Composition Analysis (SCA) to identify these security threats.

It’s a concern for families everywhere: keeping kids safe online. For parents with teenagers, there’s the added complication of trying to balance a child’s safety with their right to privacy. But is online safety just families’ problem?

After attackers accessed around 591,000 customer accounts this year, Roku is making 2FA mandatory. Over two separate incidents, the first affecting 15,363 accounts and the second affecting roughly 576,000. In these cases, the attackers used the accounts to purchase streaming subscriptions and hardware stored in users accounts, the company has confirmed.

The Blackjack hacking group, reportedly associated with Ukrainian intelligence services, has claimed responsibility for a significant cyberattack impacting emergency detection and response systems in Moscow and surrounding areas.

A guest post by James Berthoty the founder of Latio Tech. The shift to cloud has meant an explosion in cloud security-related acronyms – so many that it can be difficult to know what you currently have versus what’s missing or available. First we bought CSPMs (Cloud Security Posture Management), then CWPPs (Cloud Workload Protection Platforms), then CNAPPs (Cloud Native Application Protection Platform), then CDRs (Cloud Detection Response), and now KDRs (Kubernetes Detection Response).

Many of our customers use Tines and Elastic to scale security operations efforts, integrate context and data enrichment into alerts, and investigate and react to alerts faster. Today, we'll explore how these two platforms, working together, help cloud engineers drive cost savings for the organization, while maintaining optimal performance.