Smart devices are amazing, and they make our lives easier. Smart light bulbs for your home allow you to change the color and schedule lights to turn on and off based on your activities. Internet-connected cameras allow us to monitor our homes with phone apps. Unfortunately, even a device as simple as a light bulb connected to your WiFi can be a gateway for cybercriminals to launch an attack. It happens, and it can happen to you.
APIs account for more than half of the total traffic of the Internet. They are the building blocks of many modern web applications. As API usage grows, so does the number of API attacks. And so now, more than ever, it’s important to keep these API endpoints secure. Cloudflare’s API Shield solution offers a comprehensive suite of products to safeguard your API endpoints and now we’re excited to give our customers one more tool to keep their endpoints safe.
A phishing campaign is targeting the tourism and hospitality industries, according to researchers at Votiro. “In this instance, the hacker booked a room at an international hotel and submitted a request for the hotel to get in touch with them immediately via WhatsApp about an urgent issue,” the researchers write. “Once the hotel employee engaged the customer over WhatsApp, the hacker responded with their request.
With the rapid adoption of Kubernetes in organizations and the push to standardize the orchestration of resources with this approach, databases are now also being deployed into Kubernetes. Historically, persistent workloads like databases were not recommended for their deployment into Kuberntes as it was complex to manage how data would be stored. This was a result of Kubertnes originally being designed for non persistent microservice architectures.
Advanced Medical Management is a technical and healthcare management service that offers administrative and technical support to healthcare companies. The provider works with large-scale companies and their data in the process. It was alarming to learn the company suffered from a recent data breach, making its information available to individuals that shouldn't have it.
While Gen AI tools are useful conduits for creativity, security teams know that they’re not without risk. At worst, employees will leak sensitive company data in prompts to chatbots like ChatGPT. At best, attack surfaces will expand, requiring more security resources in a time when businesses are already looking to consolidate. How are security teams planning to tackle the daunting workload? According to a recent Morgan Stanley report, top CIOs and CISOs are also turning to AI.
Session management security is an essential component of web application development. It safeguards user sessions and prevents unauthorized access. Managing sessions secures the confidentiality, integrity, and availability of sensitive user data. It also protects user privacy at large — which is essential to maintaining user trust in an application. When we manage sessions securely, we establish processes to destroy session tokens when users log out or their session ends.
Cyber risk trends are constantly evolving, driven by the pace of technological advancements that streamline business processes yet can introduce vulnerabilities in your company’s attack surface. With increased use of SaaS, cloud solutions, APIs, and third-party services, companies have many exposed and connected internet-facing assets that they’re unaware of, providing an open door for attackers to exploit.
Imagine the following scenario. A developer is alerted by an AI-powered application security testing solution about a severe security vulnerability in the most recent code version. Without concern, the developer opens a special application view that highlights the vulnerable code section alongside a display of an AI-based code fix recommendation, with a clear explanation of the corresponding code changes.
