Cross-Site Request Forgery (CSRF) is a serious web security vulnerability that allows attackers to exploit active sessions of targeted users to perform privileged actions on their behalf. Depending on the relevancy of the action and the permissions of the targeted user, a successful CSRF attack may result in anything from minor integrity impacts to a complete compromise of the application.

From email compromise to insider threat, manufacturing businesses are under pressure to defend themselves effectively from threats across their environment. Drawing on insights from the recent Kroll report, The State of Cyber Defense: Manufacturing Resilience, this article outlines the primary threats currently impacting manufacturing companies.

In this episode of the Trust Issues podcast, Debashis Singh and host David Puner explore the intricate world of digital transformation and identity security. Debashis, the Global CIO at Persistent Systems, shares his frontline insights on the singular challenges and strategies organizations face on their digital transformation journeys.

Attackers and bot authors are continually evolving their methods, shifting their focus beyond just websites. With websites often having a reasonable level of protection, malicious actors are increasingly targeting less-protected areas, namely APIs, with their bots. This blog post delves into the evolving threat landscape. We’ll focus on how attackers exploit APIs and IoT devices to launch attacks like credential stuffing, using streaming services as a prime example.

The National Institute of Standards and Technology (NIST) helps organizations implement best practices across their operations, including cybersecurity. In particular, NIST password guidelines outlines are considered the gold standard for solid password creation and management policies.

Welcome to our post-release blog post where we share the latest GitProtect enhancements and new features launched with version 1.8.0. Although we believe that these changes could not have been missed!

Experience the heat of innovation at BSides Las Vegas 2024, where cybersecurity experts tackle AI security, passwordless solutions, and zero-downtime credential rotation.

Nowadays, the security of your applications is just as important as the functionality they provide. Therefore, analyzing your code for security vulnerabilities is a vital part of maintaining the integrity of your applications and protecting your users' data. As developers, we are at the front lines of this battle. It's our responsibility to ensure that the code we write is not just functional and efficient but also secure.

As we reflect on the first half of 2024, it seems to me that two defining features so far have been a litany of significant cyber attacks on companies across every sector, and widespread adoption of AI tools as businesses seek to innovate. At the heart of this storm of cyber threats is the CISO, looking to guide their business safely through potential dangers. Last month, Netskope undertook research examining how CISOs view their role and asking how they’re approaching these challenges.

In today’s rapidly changing cybersecurity environment, organizations must share threat intelligence efficiently and effectively to stay ahead of potential threats. Recognizing the critical need for seamless collaboration, ThreatQ provides native support as a TAXII Server within its ThreatQ Data Exchange. This feature allows Authorized TAXII Clients to access and benefit from shared threat intelligence, enabling the creation of larger, more robust cybersecurity communities.