Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Last month’s revelation that Okta had been hacked created a seismic impact in the world of security, with organizations still bracing themselves for the fallout from this incident. While resources, like Microsoft’s article on Lapsus$ (tracked as DEV-0537), have broadly dissected the attack vectors used in the group’s attacks, we wanted to expand on the broader trends and context surrounding the Okta hack.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about how a country and global economy is impacted when a cybercrime happens, how every citizen is victimized, and what governments are doing to mitigate this rising issue.

Web applications across the digital world are teeming with vulnerabilities increasingly equipped to defeat security mechanisms. Among them are injection attacks. We are aware of the many injection vulnerabilities present in a web application, for example, SQL injection, HTML injection, CRLF injection, cross-site scripting and many others. This article will discuss CRLF injection vulnerability in detail for web application security.

It’s almost that time of the year to file taxes in Portugal, so John opens the email he received asking him to submit his taxes. It’s from a bank he trusts, so he follows the instructions in the email and proceeds to download the attached PDF. Little did he know that when he clicked the links in the email body, the Lampion trojan was downloaded from an online server.

In an unsettling new phase of the cybersecurity era, Russia’s ground war in Ukraine and behind-the-scenes war on the internet have dovetailed into an upswing of cybercrime that may or may not be politically motivated. Time will tell how this online maneuvering ultimately plays out, but for the moment tension abounds as the cybersecurity community anticipates the next big attack.

In this blog post, we discuss the benefits of CSIRTs, as well as key issues to consider to ensure a fast and effective response in the event of a cyber-attack.

While the COVID-19 pandemic brought much of the world to work together to advance medical research and slow the spread of the disease, it may be of little surprise that cyber threat actors took advantage of the pandemic for their own personal gain. While all industries can be affected by a cybersecurity incident, the nature of the health and human services industry’s mission poses unique challenges.

While the C-suite is becoming increasingly aware of the threats bad cyber actors pose, many still harbour an antiquated impression of cybercriminals. We imagine hooded “hackers”, working alone in a basement, and of course, the stock image that accompanies the vast majority of media articles about cyber attacks depicts just this.

The first quarter of 2022 will be remembered as one of the most interesting quarters of the past years. A historical war changed cyber warfare rules entirely, New lethal groups made their debuts, causing major damage. Conti Group Leaks and Lockbit2.0 taking over provided us with many insights and paved the way to a new era.