This is a continuation of the series on web application security. If you haven't already read through part 1, this is a good time to go back. If not, let's move on and answer the question left hanging during our last installment: how do browsers know which site set the cookies in the first place? And what constitutes the same site?

Security testing aims to find vulnerabilities and security weaknesses in the software/ application. By subjecting the software or application to controlled security scenarios, cyber security testing ensures that the system is adequately prepared to withstand attacks and unforeseen failures. Security experts and testers use different types of security testing to identify potential threats, measure the probability of exploitation of vulnerabilities, and gauge the overall risks facing the software/ app.

Imagine you’re all prepared to roll out your latest feature, and suddenly, right before launch, you discover a security vulnerability concealed in your code. Depending on the severity, developers can spend anywhere from 7 hours to days or even months finding and fixing these vulnerabilities. A critical vulnerability could set your release back by weeks, while a simple fix might take a day.

Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack with varying tactics, techniques, and procedures (TTP). Between July and September, we witnessed a 140% increase in these spam campaigns. In this blog, we will showcase the different spam techniques used in these phishing emails.

Deploying large language models (LLMs) securely and accurately is crucial in today’s AI deployment landscape. As generative AI technologies evolve, ensuring their safe use is more important than ever. LLM guardrails are essential mechanisms designed to maintain the safety, accuracy, and ethical integrity of these models. They prevent issues like misinformation, bias, and unintended outputs.

It’s Cybersecurity Awareness Month and you know what that means. We spend every spare hour waiting for The Great Pumpkin. As many of us know, (and we’re going to stretch this analogy to the limit) Linus actively created an environment that would attract The Great Pumpkin by establishing the sincerest pumpkin patch in the neighborhood. Furthermore, he went on the offensive to attract others to his belief that The Great Pumpkin would appear on Halloween night.