Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Federal Trade Commission is alerting consumers about a next-level, more sophisticated family emergency scam that uses AI that imitates the voice of a "family member in distress". They started out with: "You get a call. There's a panicked voice on the line. It's your grandson. He says he's in deep trouble — he wrecked the car and landed in jail. But you can help by sending money. You take a deep breath and think. You've heard about grandparent scams. But darn, it sounds just like him.

Following CEO and Co-Founder Aleksandr Yampolskiy’s attendance at Davos, and SecurityScorecard’s subsequent visit to Geneva to meet with world leaders at WEF Headquarters, Alex spoke this week to another community of WEF members near our headquarters in New York City during the Forum’s New Champions Leadership Dialogue. New Champions companies are mid-sized organizations transforming industries through new business models and market disruptions.

Cloud privilege escalation is a growing concern for organizations as they embrace cloud-based infrastructure and services. To address the risks associated with privilege escalation, it's vital to implement robust security practices. In this post, we’ll cover privilege escalation as it relates to cloud security risk and the best practices for mitigation.

In today’s business landscape, managing risk has become an increasingly critical concern. The “usual” risks (such as data breaches) paired with the completely unforeseen ones (like the collapse of SVB) have made companies more cautious with their next steps. With tighter budgets and limited resources, it can be quite challenging for CISOs and CTOs to effectively manage risk while ensuring business continuity.

New security vulnerabilities are emerging every day. The number of new disclosed cyber vulnerabilities jumped 25 percent in 2022, and the number of known exploited vulnerabilities—ones observed to be exploited by malicious actors in the wild—nearly doubled from 2021 to 2022. Remediating vulnerabilities rapidly and effectively reduces the likelihood of your organization becoming the victim of a cyber attack. Consider.

Unit tests are indispensable to check and prove that our code functions properly. But in unit testing, we only test the scenarios that we are aware of. However, there are scenarios unknown to us that lead to security vulnerabilities or performance problems. To address these scenarios, you can add fuzz tests in order to effectively find security, reliability, and even logic bugs in your code.

A Web Application Firewall (WAF) is a security solution designed to protect web applications from various attacks, including SQL injection, cross-site scripting (XSS), and others. There are two types of WAF: on-premise and cloud-based.

A supply chain attack that targets customers of the 3CX Voice Over Internet Protocol (VoIP) desktop client has been discovered. Threat actors have created a digitally signed and malicious version of the software, which is being used to target both Windows and macOS users of the app. The threat actors are deploying second-stage payloads and are believed to be linked to a North Korean state-backed hacking group, , although this attribution has not been confirmed.