Insufficiently protected open ports can put your IT environment at serious risk. Threat actors often seek to exploit open ports and their applications through spoofing, credential sniffing and other techniques. For example, in 2017, cybercriminals spread WannaCry ransomware by exploiting an SMB vulnerability on port 445. Other examples include the ongoing campaigns targeting Microsoft’s Remote Desktop Protocol (RDP) service running on port 3389.
According to Wappalyzer, PHP powers over twelve million websites. Not bad for a 28-year-old language! Despite its age, PHP has kept up with modern development practices. With support for type declarations and excellent frameworks like Laravel and Symfony, PHP is still a great way to develop web apps. PHP works well in containerized environments. With an official image available on Docker Hub, developers know they can access well-tested PHP container images to build on.
Ruby, much like other programming languages, has an entire ecosystem of third-party open source libraries which it refers to as gems, or sometimes Ruby gems. These gems are authored by the community, and are available from RubyGems.org which is the official registry for Ruby libraries. Similarly to other open source ecosystems, threat actors may publish deliberate malicious code or such which includes backdoors or credentials harvesting.
In recent years, there has been increasing amounts of ransomware attacks on colleges and universities due to poor cybersecurity practices, a higher likelihood of ransom payment, and the value of information involved. The entire education sector performs poorly as a whole compared to other sectors when it comes to data security, and hackers are quickly taking notice.
The rising number of cyber attacks against software applications has emphasized how security must serve as an important factor in software development. More than the traditional Software Development Lifecycle (SDLC) procedures, now security-integrated development lifecycles are being widely adapted. These aren’t the typical security assessments that are performed at the very end of development of the application, but embedded throughout the lifecycle.
When it comes to hackers exploiting vulnerabilities in their software, organizations have two choices: They can fight the multi-headed hydra — or they can try to buy them off. And thus was born the bug bounty. Of course the situation is a bit more complicated than that, but ever since Peiter C.
Hackers use many tools at each stage of an attack. These tools are often readily available online, both free of charge and to buy, and easy to use for non-technical cybercriminals. Understanding a hacker’s tools and tactics is essential for cyber security practitioners and vendors aiming to build effective defenses and stay one step ahead of a quickly evolving host of cyber threats.
Accelerated digitalization due to the pandemic and the need to adapt quickly to distance learning made schools the perfect target for cybercriminals. Moreover, compared to universities and based on disadvantages in terms of available technology and skills, primary and secondary education was even less prepared to meet the new security challenges posed by increased exposure and heightened risks.
In our 10th episode of the Future of Security Operations podcast, Thomas speaks to Jay Thoden Van Velzen, Multi-cloud Security Operations Advisor at SAP. Prior to Jay’s current role, Jay scaled the Security Development Operations (SecDevOps) team from five to 25 team members across three continents and five countries and was the Initiative Lead for multiple security improvement programs for multi-cloud across SAP. Topics discussed in this episode.
For the next instalment in our series of interviews asking leading technology specialists about their achievements in their field, we’ve welcomed Israël Hallé, Co-Founder of Flare Systems. Israël’s experience includes working with the Merchant Protection and Checkout team at Shopify. After that, he was a malware analyst and a reverse engineer at Google where he hunted down new malware threats and introduced automation operations through big data analysis.
