Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Something to look out for in Windows land…

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. A major international operation, led by the UK's Metropolitan Police, has seized control of LabHost, which has been helping cybercriminals create phishing websites since 2021 to steal sensitive information like passwords, email addresses, and bank details.

The Payment Card Industry Data Security Council created PCI DSS as the global standard for protecting payment data. The PCI DSS is the compliance stick to which entities that transmit, store, handle, or accept credit card data of any size must adhere. Recently, PCI DSS came up with version 4.0. In this blog, we delve deeper into the new version and explain why securing APIs is critical for PCI DSS compliance and how organizations can do so.

Microsoft Windows is the world’s most widely used desktop operating system (OS). It accounts for more than 70% of market share as of February 2024, according to market research firm Statista, and can be found on more than 1.4 billion active devices. As with any software vendor, Microsoft continuously evolves their OS with the release of updated versions that offer new features and functionality.

In the digital era, the rapid increase in online data has made it crucial to strengthen cybersecurity measures against cyber criminals. According to Cybersecurity Ventures, global spending on cybersecurity solutions could reach an impressive $459 billion annually by 2025. Whether it's a multinational corporation or a small start-up, organizations across the globe are increasingly recognizing the need to protect their digital assets from potential threats.

Data breaches, malware attacks, and insider threats pose constant risks to businesses of all sizes. To protect your valuable data and critical infrastructure, you need a robust endpoint security solution. CrowdStrike Falcon stands out in the market, offering unique features like next-generation antivirus (NGAV) and endpoint detection and response (EDR). Before deciding, it’s essential to grasp these distinctive strengths and weaknesses.

Fully understanding open-source licenses is crucial for your projects and organization. Let's look at where these licenses come from and how they can impact your applications.

In today's interconnected world, the digital landscape holds both promise and peril. As guardians of sensitive information, organizations must remain vigilant against the looming threat of data breaches. Recently, a concerning incident has come to light, underscoring the critical importance of robust cybersecurity measures. Let's delve into the breach that has rocked the digital realm, affecting the esteemed Ministry of Rural Development's database.

What comes to your mind when you think of a secret? To protect it in whichever manner you could, right? In the real-world scenario, it’s our nature and our self-control how we can manage our secrets and protect them but matter gets different when it comes to the virtual world. In the virtual world, a secret is anything that you aim to rigidly control access to, such as passwords, tokens, API & encryption keys, or certificates.

What is ASM, sometimes called EASM? A simple definition of External Attack Surface Management (ASM or EASM) is the process of defining and securing your organization from the outside-in. Your organization’s attack surface is made up of all the assets belonging to your organization, all of your vendor-managed assets, Cloud and SaaS assets, and all of their external third-party, fourth-party, and Nth-party connections that are visible to an outsider.