Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Technology

Hacker-Powered Security

This episode is a deep dive into how startups can leverage the power of crowd sourced hackers to find bugs and security issues in your apps. Ben Sadeghipour has over 685 vulnerabilities found in major sites such as Snapchat, AirBnB and even the U.S. Department of Defense, Hacker One helps companies by providing tools to help with response assessments and running their bug bounty programs.

Devo Joins AWS ISV Workload Migration Program

Devo’s strong relationship with Amazon Web Services (AWS) recently expanded to include our participation in the AWS ISV Workload Migration Program. This is important to cloud developers, DevOps engineers, solution architects (particularly cloud SAs), and cybersecurity architects working at organizations ready to transition their data to the cloud.

NC Protect for Microsoft 365 and SharePoint Advanced Information Protection & Compliance

Organizations have sensitive data spread across on-premises and cloud based platforms. This present a major challenge for IT to ensure data integrity and security. NC Protect is both content and context aware to automatically find, classify and secure unstructured data on-premises, in the cloud and in hybrid environments.

New Phishing Attacks Exploiting OAuth Authentication Flows (Part 3)

This blog series expands upon a presentation given at DEF CON 29 on August 7, 2021. In Part 1 of this series, we provided an overview of OAuth 2.0 and two of its authorization flows, the authorization code grant and the device authorization grant. In Part 2 of this series, we described how a phishing attack could be carried out by exploiting the device authorization grant flow.

Netskope Threat Coverage: LockBit

LockBit Ransomware(a.k.a. ABCD) is yet another ransomware group operating in the RaaS(Ransomware-as-a-Service) model, following the same architecture as other major threat groups, like REvil. This threat emerged in September 2019 and is still being improved by its creators. In June 2021, the LockBit group announced the release of LockBit 2.0, which included a new website hosted on the deep web, as well as a new feature to encrypt Windows domains using group policy.

Securing IoMT devices to protect the future of Healthcare from rising attacks

The number of cybersecurity incidents reported within the healthcare industry has been steadily increasing since 2015 as the use of IoMT has become more widespread. With increasing numbers of IoMT devices being used for patient care, the attack surface among hospitals and doctors’ offices has grown dramatically as medical technology continues to expand.

Key Insights into Gartner Hype Cycle for Application Security 2021

Gartner Hype Cycle started as a graphical representation method to represent the adoption, evolution, and maturity of new emerging technologies. Over time, it has now transformed into a highly potent and reliable powerhouse of smart insights into how emerging technologies will evolve in the future.