Keeper Security is pleased to announce that passphrases are now supported in the Keeper Vault. Passphrases provide a highly secure yet easy-to-remember approach to logins for all users, and can be both generated and stored with Keeper. Keeper’s passphrase generator is a new option within its existing password generator. Users and admins will have the choice of which generator they would like to use or enforce for their organization.

Brute force attacks are one of the most common methods used by cybercriminals to steal credentials from organizations. To prevent brute force attacks, organizations need to enforce the use of strong and unique passwords, invest in a business password manager, require employees to enable MFA, monitor and limit login attempts, implement passwordless authentication and delete inactive accounts.

Every day, more people get online - most do it for leisure, but organizations are increasingly moving into the digital environment. The increasing number of these new end-point users makes it clear that the cyber world must evolve. No longer can experts argue for unique platform passwords when password fatigue is prominent, nor can cybersecurity defenders protect all the various attack junctures across multiple platforms and tools.

If over 40 major banks can be the target of JavaScript injection attacks, let’s be honest – so can you. In 2023, a malware campaign using this attack method affected 50,000 user sessions across more than 40 financial institutions worldwide, leaving many dev teams in pure damage-control mode. A large number of professional developers (especially front-end developers) use JavaScript more often than any other programming language.

The ransomware landscape is evolving with increased competition among threat groups and the emergence of new ransomware operations. However, victim organizations and potential targets are strengthening their security measures and procedures to prepare for potential ransomware attacks. Our latest quarterly report for Q1 2024 shows a significant decrease in ransomware incidents, down to 1,048 cases, representing a 22% decline compared to Q4 2023.

Security researchers have identified a vulnerability, CVE-2024-27322, in the R programming language that permits arbitrary code execution by deserializing untrusted data. This flaw can be exploited when loading RDS (R Data Serialization) files or packages, which are commonly shared among developers and data scientists. An attacker can craft malicious RDS files or packages containing embedded arbitrary R code, triggering execution on the victim’s device upon interaction.

While Palo Alto Networks has not released patches for all affected versions, CyCognito has conducted active tests across all customer realms and 97.5% of CyCognito customers’ affected devices are no longer exploitable.

Data is not just a strategic asset. It’s the lifeblood of your organization. Losing access to any strategic asset can threaten an organization’s viability; without plants and equipment, manufacturers would find it difficult to succeed, and service providers can’t operate without brand recognition. Similarly, without data, your organization could be left in a state of complete and utter paralysis, unable to function or recover.

The Gartner research paper “What You Need to Do to Protect Your APIs” outlines key requirements for bolstering API security measures. In this blog post, we’ll delve deeper into these requirements as introduced by Gartner, explain their significance, and demonstrate how AppSentinels offers comprehensive solutions for each requirement. As per Gartner, the second step is to assess the security of these APIs.

The cloud provides multiple benefits for running services and storing data. Just like with data stored on-premises, data stored offsite and in the cloud should be backed up. Data stored in the cloud is not invulnerable by default, as the risk of data loss is still present due to accidental deletions and cloud-specific threats. At the same time, the cloud can be useful for disaster recovery.