Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The 443 Podcast - Episode 305 - The White House Tackles BGP Security

This week on the podcast, we discuss guidance published by the US White House Office of the National Cyber Director that lays out a roadmap for addressing key security concerns in the BGP routing protocol. Before that, we cover a security research post from JFrog detailing a new Python package hijacking method under active exploitation as well as an analysis of the Microsoft Windows Wi-Fi driver remote code execution vulnerability patched last June.

Abusing Ubuntu 24.04 features for root privilege escalation

With the recent release of Ubuntu 24.04, we at Snyk Security Labs thought it would be interesting to examine the latest version of this Linux distribution to see if we could find any interesting privilege escalation vulnerabilities. I’ll let the results speak for themselves: During our research, we successfully identified a privilege escalation from the default user on a fresh Ubuntu Desktop installation to root.

As Security Budgets Cool, CISOs Warm Up to New Ideas

Security spending is losing momentum with a third of CISOs reporting flat or reduced budgets this year. These numbers come from a recent annual survey of 755 cybersecurity decision-makers conducted by IANS Research. Decreased spending in the face of growing cyberattacks puts pressure on security leaders to find better ways to optimize their processes. Fortunately, CISOs are discovering solutions for this problem by following the tried-and-true tactics of simplification, consolidation, and innovation.

Revolutionizing Security Testing: Advancements in Automated DAST on Real Devices

With organizations continuing to build and enhance their mobile applications and developers embracing new ways of building applications to improve the speed to market and customer experiences, billions of dollars are invested in AppSec tools. However, 85% of these applications still contain known vulnerabilities, and most breaches occur at the application layer. Automated DAST helps in combating such vulnerabilities.

How To Use an Authenticator App

To use an authenticator app, you will need to choose one that suits your security preferences, scan the QR code or enter the key, securely store your backup codes and sign in to your account. An authenticator app verifies your identity by generating random numeric codes that you will enter with your username and password to access an account.

How Did My Bank Account Get Hacked?

If you’ve realized your bank account got hacked, you are most likely panicked and want to secure your finances as soon as possible. You may even be wondering how something like this could have happened to you. Your bank account could have gotten hacked due to various cyber attacks, including brute force, phishing, SIM swapping, credit card skimming or Man-in-the-Middle (MITM).

Security Automation - As Easy As Making Tea?

I worry that a lot of my blog posts reveal that I’m getting older and older as the days go by, but I wanted to talk about teasmades and security automation. For those of you outside of the UK, and even those born in the UK within the past 30 years, there’s a distinct possibility you may read this and consider it to be a made-up word, but there is indeed such a thing as a teasmade – effectively a small machine for making tea that has a timer on it.

Examining the Intersection of Cybersecurity and Automation in 5 Different Industries

Traditional cybersecurity solutions are constantly being supplemented and enhanced by new technology and practices. Industry leaders know that keeping up with digital security advancements is the best way to ensure the success of every company and that customers rely on them. Understanding how experts merge cybersecurity and automation in different industries is an excellent way to embrace this expanding movement.