In the pursuit of advancing security and transparency in the digital asset industry, Fireblocks has published our MPC-CMP code as open source under a limited license, along with the rest of our MPC library. As the demand for digital asset custody, tokenization, and Web3 among retail and financial institutions continues to rise, Fireblocks MPC-CMP has proven to be the most secure and reliable key management protocol.
The Cybersecurity and Infrastructure Security Agency (CISA) just released a report highlighting the most commonly exploited vulnerabilities of 2022. With our role as a reverse proxy to a large portion of the Internet, Cloudflare is in a unique position to observe how the Common Vulnerabilities and Exposures (CVEs) mentioned by CISA are being exploited on the Internet. We wanted to share a bit of what we’ve learned.
The CrowdStrike Falcon® platform recently earned the SE Labs AAA award by delivering 100% attack detection with zero false positives in the Q2 2023 SE Labs Enterprise Advanced Security (EAS) test. The platform achieved perfect scores across every evaluation category. This year’s evaluation presented a unique challenge to testing participants. SE Labs tested solutions to a full kill chain attack, from initial contact through reconnaissance, data exfiltration and lateral action.
There is no such thing as a vacation for cybercriminals. We recently released our top summer cybersecurity travel tips to help keep you safe. Earlier this year, we posted about travel-themed phishing attacks, and Forbes just posted a great reminder about the dangers of sharing your boarding pass on social media. Read below for their advice.
Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. The analysis, by Comparitech, looked at 478 confirmed ransomware attacks on manufacturing companies between 2018 and July 2023, in an attempt to determine their true cost.
State-sponsored threat actors continue to exploit legitimate cloud services, and especially one group, the Russian APT29 (also known as Cozy Bear, Cloaked Ursa, BlueBravo, Midnight Blizzard, and formerly Nobelium), seems to be particularly active. Between March and May 2023, security researchers at Recorded Future’s Insikt Group have unearthed a cyber espionage campaign by the same threat actor allegedly targeting government-sector entities in Europe with interest in Ukraine.
IT risk assessments are vital for cybersecurity and information security risk management in every organization today. By identifying threats to your IT systems, data and other resources and understanding their potential business impacts, you can prioritize your mitigation efforts to avoid costly business disruptions, data breaches, compliance penalties and other damage.
Businesses are realizing the value of bot management tools as part of their application security strategy, with the control set expected to mature towards mainstream adoption in less than two years. This is according to the latest Hype Cycle™ for Application Security by Gartner®, released this month.
In the realm of cybersecurity, the RockYou.txt wordlist has become a household name. It’s a tool used by security professionals to test the strength of network security. However, like many tools in the digital world, it can also be misused by malicious actors. In this blog post, we’ll delve into the history of RockYou.txt, its uses and how to protect your organization from potential threats associated with it.
