Data leaks are a type of data loss threat that often fly under the radar — making them potentially more damaging than a malware or ransomware attack. Compared to data breaches, data leaks put customer information at risk accidentally. Data leaks can lead to credit card fraud, extortion, stolen IP, and further attacks by cybercriminals who seek to take advantage of security misconfigurations.
With our recent 7.16 Elastic Security product release, we improved our existing Linux malware feature by adding memory protection. In this blog, brought to you by Elastic’s Engineering Security Team, we lean into this recent advancement to show how we are protecting the world’s data from attack.
In part two of our 2022 cybersecurity predictions series, Devo Security Engineering Director Sebastien Tricaud explained Web3 and new security testing trends. While cybersecurity tools and approaches are certainly evolving quickly, so are cybercriminals. Here are my insights on cyberthreats and attacks we should expect to see more of this year.
In recent weeks a critical vulnerability (CVE-2021-44228) has been discovered in Log4j2, a popular logging library for Java applications. Attackers can exploit this flaw by performing Remote Code Execution (RCE) on any systems where it is implemented.
Since the introduction of Bitcoin in 2009, and as a result of the global recession during that period, cryptocurrency have been a much-discussed topic across technology, finance, and even global policy. The news is dominated by stories of its impact on our lives and businesses.
Few programming languages generate the same love-hate relationship as JavaScript. For many websites, JavaScript (JS) is a critical coding component that drives client-side programming. Yet JS is also extremely vulnerable to attack since it is easy for hackers to input query strings into website code to access, steal, or contaminate data. Knowing whether your JavaScript is secure is crucial to maintaining a safe user experience for your clients and customers.
Digital forensics is about answering questions and building timelines. Who did what and when. When something malicious takes place on a computer there is evidence that can be collected and used to reconstruct what exactly happened. Depending on the type of events that need to be reconstructed, the evidence required may be difficult to retrieve. In order to make the lives of DFIR professionals easier, LimaCharlie has integrated the Velociraptor open source endpoint visibility tool.
I was logging into one of my favorite online shopping sites the other day, and, as with all my other sites, I was presented with the multi-factor authentication prompt to complete the login process. Anyone who knows me, knows that I have been a long-time supporter of multi-factor, or 2-step verification of any kind.
Several layers of protection guard the data you store in 1Password, but is it enough to defend against cyberattacks like credential stuffing?
URLs have forever changed the way we interact with computers. Conceptualized in 1992 and defined in 1994, the Uniform Resource Locator (URL) continues to be a critical component of the internet, allowing people to navigate the web via descriptive, human-understandable addresses. But with the need for human readability came the need for breaking them into machine-usable components; this is handled with URL parsers.
