Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

There’s a new cybersecurity challenge threatening the identity processes and systems of organizations worldwide: identity fatigue.

Non-humans are everywhere these days. Sure, you’ve seen the much-deserved hype about how AI-powered tools like ChatGPT are going to change everything. But there are plenty of more mundane non-human entities that you interact with in your daily life: the smart thermostat program that knows to cool down your house at a certain time every day, the application on your phone that suggests directions to a place you’ve searched for, and many others.

In this post, we’re going to learn how Foundry can be used to write a proof of concept (PoC) for uninitialized smart contract vulnerabilities. We will take a look at and exploit a simple uninitialized smart contract vulnerability we found in BadgerDAO. If you are familiar with this type of vulnerability, jump straight to the Foundry PoC section. You can also find the PoC code on this GitHub repository.

Vietnam’s government is taking steps to combat online scams and other forms of cybercrime by making it mandatory for users of Facebook, TikTok, and other social media networks to verify their identities using real-time identity verification. According to the Global Anti Scam Alliance, Vietnam has one of the highest rates of online fraud in Asia.

Healthcare cyberattacks are increasing in “frequency, severity and sophistication,” said Nitin Natarajan, U.S. Cybersecurity and Infrastructure Security Agency (CISA) deputy director, in his recent HIMSS23 Healthcare Cybersecurity Forum keynote. Attacks on hospitals have surged by 86% since 2021, with the average healthcare organization experiencing two or more ransomware attacks in the past year. “And this is going to continue to increase,” Natarajan warned.

In today’s Trust Issues episode, Dusty Anderson, a managing director of Global Digital Identity at the consulting firm Protiviti, digs into all things DevSecOps and cautions against a one-size-fits-all approach. In conversation with host David Puner, Anderson emphasizes the significance of strategic planning and well-defined goals – demonstrating how bite-sized steps can add up to major security wins and bottom-line benefits over time.

In 2023, India’s Aadhaar system has become a critical component of the country’s financial infrastructure. With over 1.3 billion registered users, Aadhaar has enabled a range of digital services that were previously impossible, including eKYC (electronic know-your-customer) for financial institutions. In this blog, we’ll explore the benefits of Aadhaar eKYC for businesses and consumers alike.

Recently, a new trend has emerged in the world of ransomware: intermittent encryption, the partial encryption of targeted files. Many ransomware groups, such as BlackCat and Play, have adopted this approach. However, intermittent encryption is flawed. In this blog post, I will introduce White Phoenix, a tool my team built that takes advantage of the fact that those files aren’t entirely encrypted and can, in the right circumstances, salvage some content from the unencrypted parts of the files.

The need for strong identity security protocols for humans has been a given for years. Your organization likely has multiple layers of controls to ensure that access to sensitive assets is limited to those that need it. But a certain large, global (well…multi-global) organization that comes to mind on this May the Fourth also had layers of human identity controls that adhered to the principles of least privilege.