Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices.

The recent Federal Communications Commission (FCC) settlement with TracFone Wireless, Inc. (TracFone) for $16 million highlights a critical vulnerability within the mobile telecommunications industry: API security. The investigation revealed unauthorized access to customer data through weaknesses in TracFone's mobile carrier APIs. This incident reminds mobile carriers to prioritize robust API security measures to safeguard customer data and ensure network integrity.

In today's rapidly advancing technology landscape, the role of people in workflow automation and orchestration is more critical than ever. At Tines, we firmly believe that human oversight should be an integral part of important workflows, ensuring that all decisions are grounded in context and experience. AI in Tines is secure and private by design. This means the platform doesn’t train, log, inspect, or store any data that goes into or comes out of language models.

The OWASP Mobile Top 10 lists the foremost crucial security risks in mobile applications. This list is essential for developers, security professionals, and organizations to prioritize their resources while addressing mobile app development vulnerabilities in order of severity.

E-gift cards can be safe to buy; however, there are some risks you should consider before purchasing them. Some cybercriminals will buy e-gift cards with stolen payment information and then resell them to others for a profit. Because e-gift cards require little to no personal information, cybercriminals can get away with scamming people with e-gift cards. Continue reading to learn more about the risks of using e-gift cards and how you can avoid being scammed.

Black Hat 2024 has come and gone. The Nucleus team attending the show has (mostly) caught up on their sleep, which can mean one thing – a look back at the conference and our impressions of the event.

The article released on August 13, 2024 regarding the security update for Windows 11 for hot fix KB5041571 discusses the new features and improvements to the operating system. The security update includes changes to the lock screen, NetJoinLegacyAccountReuse, Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI), and Domain Name System (DNS). The article also includes a servicing stack update to improve the reliability of the Windows update process.

Hospitals face a challenging dilemma: delivering the highest quality of medical care while shielding patient and family data from ever-evolving cyber threats, all while ensuring that critical operations continue uninterrupted. At Trustwave, we understand the immense pressure hospitals are under and are dedicated to creating a safer digital environment where healthcare providers can thrive, and patients receive the uncompromised care they deserve.

File-sharing phishing attacks have skyrocketed over the past year, according to a new report from Abnormal Security. “In file-sharing phishing attacks, threat actors exploit popular platforms and plausible pretexts to impersonate trusted contacts and trick employees into disclosing private information or installing malware,” the report says.

Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could exploit this vulnerability, leading to remote code execution. Systems that have IPv6 disabled are not susceptible to this vulnerability.