In 2002 I sat in a local bookstore in Jackson Hole, WY that offered a few Internet-connected computers for hourly use. After chatting with the owner and petting the resident store dog, I took a few guesses at the password protecting these computers. It took me maybe 10 attempts. It was, of course, some variation of the dog’s name. While this is a very dated story, it’s this kind of story that still drives many people’s perception of why a strong password is necessary.
Business email compromise (BEC) occurs when cybercriminals scam organizations by compromising sensitive data through email accounts for financial gain. FBI research shows that BEC is currently the most costly digital crime, far surpassing ransomware to account for US$49.2 million in victim losses in 2021. BEC is also known as email account compromise (EAC) or 'man-in-the-email' scamming.
The Federal Bureau of Investigation (FBI) recently released a Flash Report regarding BlackCat Ransomware breaches. This ransomware as a service (RaaS) has compromised at least 60 entities worldwide and is the first ransomware group to do so successfully using RUST, considered to be a more secure programming language that offers improved performance and reliable concurrent processing.
Coverage-guided fuzzers, like Jazzer, maximize the amount of executed code during fuzzing. This has proven to produce interesting findings deep inside the codebase. Only checking validation rules on the first application layer isn’t providing great benefits, whereas verifying logic in and interactions of deeply embedded components is. To extend the amount of covered code, the fuzzer tries to mutate its input in such a way that it passes existing checks and reaches yet unknown code paths.
APIs are a crucial tool in today’s business environment. Allowing applications to interact and exchange data and services means that companies can provide an ever-greater range of features and functionalities to their clients quickly and easily. So, it is no wonder that a quarter of businesses report that APIs account for at least 10% of their total revenue - a number that will only increase in coming years.
