In the ever-evolving landscape of cybersecurity, API attacks pose significant threats to organizations. These attacks, particularly the low and slow variety, are notoriously challenging to detect and mitigate. Salt Security stands out as the premier solution for identifying and addressing these sophisticated threats, setting a benchmark that competitors struggle to match. Here’s why Salt Security is unparalleled in catching low and slow API attacks.

In today’s connected world, our online presence is central to our lives like never before. We stay connected with our friends and family wherever they are through social media. Whereas in the past our social contact was limited to those who lived or worked nearby, now, through social media, we can connect with those with shared interests or beliefs anywhere in the world. Most of us use social media to stay in touch with those they care about.

MuddyWater deploys BugSleep malware, researchers discover malicious files on the npm registry, and Void Banshee exploits a Microsoft MHTML flaw.

As we are all very aware, being a technical person or layman, the recent CrowdStrike outage caused disruptions on a myriad of systems worldwide, affecting multiple industry sectors and millions of people in some way, shape, or format.

In a significant development in the realm of data security, Verizon Communications has agreed to a $16 million settlement with the Federal Communications Commission (FCC) following a series of data breaches at its subsidiary, TracFone Wireless. The breaches, which occurred between 2021 and 2023, have led to increased scrutiny on Verizon's data protection practices and will result in mandatory improvements to its security measures.

Any organisation that sends electronic marketing communications via phone, fax, email or text, uses web cookies, or provides communications services to the public falls under the scope of the PECR, and must be aware of its information security requirements.

With any IT environment, especially the public cloud, security is a top concern and priority. When leveraging the public cloud, one of the most important steps to ensuring a protected environment is recognizing the shared responsibility model, as it delineates the security obligations between the cloud provider and your organization.

On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt.

Log on as a batch job policy determines the accounts permitted to sign in through a batch-queue tool like the Task Scheduler service. When you schedule a task using the Add Scheduled Task Wizard, assigning it to run under specific credentials, that user is granted the right to log on as a batch job. At the designated time, the Task Scheduler service logs in the user as a batch job rather than an interactive user, executing the task within the user’s security parameters.