Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A joint advisory on LockBit 3.0 ransomware, CISA’s latest tool which detects hacking activity in Microsoft cloud services, and ScarCruft’s evolving arsenal.

The Advancement in technology and online payment transaction has offered an immense amount of convenience to both consumers and businesses. The ease and widespread acceptance of online payment including the credit/debit card transaction has streamlined business processes and payment transactions greatly.

The encoding scheme you choose as a developer can have far-reaching consequences for your application’s functionality, security, and performance–in other words, it could be the difference between a seamless user experience and a catastrophic data failure. ASCII is a popular choice, with over 95% of all websites using it, and Unicode is quickly gaining ground for many applications on over 60% of websites.

Regardless of the techniques used, going big, expensive, and glossy – while potentially useful - doesn’t replace the need for a well-reasoned approach to securing assets founded on traditional activities and principles. Innumerable assets are housed behind APIs, and the widespread use of APIs means they are high-profile targets. Securing them is of the utmost importance.

Legitimate cloud storage services are increasingly being exploited for cyber espionage, so the discovery of a similar operation in the context of the Russian invasion of Ukraine was just a matter of time.

In today’s digital age, responding to multi-national threats, peacekeeping missions, and combat operations, all with numerous stakeholders involved, requires the twin challenges of information security and information sharing to be confronted and successfully addressed. This is especially true when sharing sensitive or classified information on military operational plans and supporting intelligence data seamlessly.

Banks are entrusted with a great deal of personal information, money, and more by their customers. When a bank isn't able to secure those things, it's a major issue. This is an issue that the Tri-Counties Bank in Chico faced earlier this year. It wasn't money that the bank failed to protect, but customer information. The bank suffered from a serious cyber attack and lost confidential information in the process.

As the threat landscape continues to evolve, cybersecurity efforts must follow suit and organizations must mature their security operations (SecOps) capabilities to stop threats before damage occurs or minimize their impact. But what is the current average security operation maturity index in the organizations?

Kondukto and GitGuardian have teamed up to provide an integration that brings together their knowledge in AppSec orchestration and automated secrets detection.

In recent times, the hospitality industry has experienced a surge in malicious emails aimed at their employees, particularly customer service personnel who handle customer emails. These emails were carefully crafted to elicit a sense of urgency and trick hotel staff into clicking and opening them, using social engineering tactics.