Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you’re responsible for security, then you know how useful it is to have clearly-defined security policies that are simple to implement, scale, and verify. Product and AppSec teams know that great security policies empower teams to work autonomously so that work moves forward as it should. However, validating that your security policies are actually implemented is difficult.

Not everything on your attack surface is a vulnerability. Every organization has their own internal security policies that align with the risk tolerance of their business context. While industries like SaaS are often deploying several daily releases to production from multiple geographies, other industries might not tolerate this level of risk due to internal or external factors like complex regulatory requirements.

Read also: Microsoft fixes a Windows zero-day, Mango Markets DeFi platform robbed of over $100M, and more.

MSPs are being targeted by cybercriminals, as a single successful attack opens the door to multiple victims. This puts additional pressure on cybersecurity partners to step up the security services they offer their customers. The figures are worrying, as 9 out of 10 managed service providers state they have suffered a successful cyberattack since the start of the pandemic. This means MSPs are overtaking end users as the main target of malware, ransomware, phishing and other threats.

In a new article for HelpNet Security, Leon Juranic, security research team lead at Mend, states the case for taking proactive defensive steps against a new attack called Evil-Colon. Evil-Colon works similarly to the now defunct Poison-NULL-Byte attacks, and it has the potential to cause severe disruption to your code if not properly addressed. What does all this mean? In a nutshell, it’s possible to exploit applications that are performing path-based operations with user input in various ways.

The government of a U.S. county announced on September 11 that a recent cyber incident had disrupted its online services. Subsequent coverage of the event has noted that it strongly resembles a ransomware attack. The disruption comes against a backdrop of frequent ransomware activity targeting state and local governments and the education sector.

Globally, fintech firms saw 2.5 times more attacks in Q1 2022. The BFSI industry is prone to cyberattacks every day. Fintech firms carry some vital data. Cybercriminals know it. They aim to exploit your system’s flaw to access the data. The worst part is they will use it for financial fraud. A successful data breach causes penalties and reputation losses. It scares away your customers. It is even motivating cybersecurity in Fintech. How do you make a secure financial platform?