security.didici.cc

Winter is coming … with a blizzard of live and virtual SANS Institute events

1 hour ago

Or a long, hot summer of cybersec training, depending where you are Paid Post  As security pros survey the months ahead, they may be resigning themselves to long winter nights or hot summer days spent fighting off cyber-attackers exploiting the end-of-ye ...

Panasonic admits intruders were inside its servers for months

4 hours ago

Spotted the crack after it ended – still not sure what was lost Japanese industrial giant Panasonic has admitted it's been popped, and badly.…

UK privacy watchdog wants to fine Clearview AI $31m

8 hours ago

Facial recognition network trialled by cops may have broken laws.

Armis Now Valued at $3.4B

9 hours ago

One Equity Partners led the $300 million round, increasing the valuation of Armis from the $2 billion valuation it achieved less than 8 months ago.

Stellar Cyber Raises $38M Series B to Address Need to Provide 360-Degree Visibility Across Entire Attack Surface

9 hours ago

Oversubscribed round, including Samsung, rewards technical innovations and rapid market adoption, positions company for continued leadership.

9 out of 10 Healthcare Organizations Provide Telehealth Services, Yet Almost Half Face Patients' Mistrust Toward Privacy

9 hours ago

Kaspersky surveyed healthcare decision-makers to learn how the digital transformation of the industry is going and which problems they believe should be solved to create a world in which everyone can gain access to quality care.

IKEA Email Systems Targeted in Cyberattack

10 hours ago

Attackers are reportedly targeting IKEA employees in a phishing campaign that leverages stolen reply-chain emails.

Google Analyzes Methods Behind GCP Workload Attacks

10 hours ago

The vast majority of cloud workload compromises stem from poor security configurations or compromised passwords, while cryptojacking is the common payload, research shows.

Phishing Remains the Most Common Cause of Data Breaches, Survey Says

11 hours ago

Despite heightened concerns over ransomware, fewer organizations in a Dark Reading survey reported being an actual victim of a ransomware attack over the past year.

Over 1,000 Individuals Arrested in Global Cybercrime-Fighting Operation

11 hours ago

HAECHI-II initiative represents Interpol's stepped-up efforts to tackle the operators of financially motivated online scams and other cyberattacks.

IKEA Hit by Email Reply-Chain Cyberattack

11 hours ago

IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads.

Panasonic Hit in Data Breach

11 hours ago

Tech firm reveals that data on one of its file servers was accessed by attackers.

Researchers Flag 300K Banking Trojan Infections from Google Play in 4 Months

11 hours ago

Attackers are honing Google Play dropper campaigns, overcoming app store restrictions.

ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

13 hours ago

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea.

Unpatched Windows Zero-Day Allows Privileged File Access

15 hours ago

A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug.

Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers

16 hours ago

Some security researchers say it’s actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it’s for real a scary morphic malware that changes its parts and recompiles itself.

NanoLock Security and Waterfall Security Partner to Deliver OT Security for Industrial and Energy Applications

18 hours ago

The solution combines NanoLock’s device-level, zero-trust protection with Waterfall’s hardware-enforced IT/OT perimeter protection to provide a powerful OT security solution that mitigates cyber events from both IT and OT networks.

Paving the Road to Zero Trust With Adaptive Authentication

18 hours ago

A gradual transition to a world beyond passwords predisposes zero-trust projects to success.

Wind turbine maker Vestas confirms recent security incident was ransomware

18 hours ago

10 days after attack 'almost all systems' up and running, refuses to say if ransom was paid Wind turbine maker Vestas says "almost all" of its IT systems are finally up and running 10 days after a security attack by criminals, confirming that it had indee ...

AFP targets BEC, phishing with new cybercrime centre

1 day ago

JPC3 to launch in March 2022.

Australia will force social networks to identify trolls, so they can be sued for defamation

1 day ago

At the same time, will overrule court decision that traditional publishers are liable for comments on social media Australia's government has announced it will compel social media companies to reveal the identities of users who post material considered de ...

Australia to introduce laws to 'unmask' anonymous commenters online

2 days ago

Technical implementation left to the platforms to work out.

EU needs more cybersecurity graduates, says ENISA infosec agency – pointing at growing list of master's degree courses

3 days ago

Skills gap needs filling somehow The EU needs more cybersecurity graduates to plug the political bloc's shortage of skilled infosec bods, according to a report from the ENISA online security agency.…

The Privacy Sandbox saga continues: UK watchdog extracts more commitments from Google over advertising tech

3 days ago

Roll up, roll up. Come and be the CMA-approved trustee to keep an eye on the Chocolate Factory's antics The torrid tale of Google's Privacy Sandbox took another turn today with the UK's Competitions and Markets Authority (CMA) saying it has "secured impro ...

Government-favoured child safety app warned it could violate the UK's Investigatory Powers Act with message-scanning tech

3 days ago

Redesigned SafeToNet feature highlights tech law mess A company repeatedly endorsed by ministers backing the UK's Online Safety Bill was warned by its lawyers that its technology could breach the Investigatory Powers Act's ban on unlawful interception of ...

If you want to see off next year’s cyber-threats, the time to prepare is … now

4 days ago

Fast forward into 2022 with Sophos’ Cybersecurity Summit 2021 Paid Post  Whatever sector you’re in, 2022 is likely to mean more and nastier cyber-threats.…

Microsoft Defender for Endpoint laid low. Not by malware, but by another buggy Windows patch

4 days ago

Only affects Windows Server Core, so that's alright then A sad-faced Microsoft engineer has had to reset the "Days since we last shot ourselves in the foot" counter at the company's HQ after a security update broke Microsoft Defender for Endpoint on Windo ...

It’s about the survival of the fittest – CISOs must be brave enough to throw away their security playbook, or suffer the consequences

4 days ago

The Vectra Masked CISO series gives security leaders a place to expose the biggest issues in security and advise peers on how to overcome them. Advertorial  I’m always asked what keeps me awake at night. Being targeted by APT groups? New ransomware str ...

New Twists on Gift-Card Scams Flourish on Black Friday

4 days ago

Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday.

UK.gov emits draft IoT and smartphone security law for Parliamentary scrutiny

4 days ago

Mandatory vuln reporting, hefty fines for non-compliance A new British IoT product security law is racing through the House of Commons, with the government boasting it will outlaw default admin passwords and more.…

Google advises passwords are good, spear phishing is bad, and free clouds get attacked

5 days ago

Ad giant's first stab at providing the 'world's premier security advisory' starts with the obvious Google's Cybersecurity Action Team has released its first "threat horizon" report on the scary things it's found on the internet.…

Huawei's AppGallery riddled with malware-infected games

5 days ago

Cynos.7 trojan found its way into 9.3 million downloads Cybersecurity researchers at anti-virus software company Dr Web have discovered a treasure trove of malware-laced Android games on Huawei's AppGallery.…

WA councils fail to detect simulated cyber attack in audit

5 days ago

Only three out of 15 entities did so in a "timely manner".

US bans Chinese firms – including one linked to HPE’s China JV – for feeding tech to Beijing's military

5 days ago

Other additions to Entity List are accused of helping Pakistan, North Korea make nukes, missiles The US Dept of Commerce's Bureau of Industry and Security has added 27 companies to its list of entities prohibited from doing business with the USA on ground ...

How Threat Actors Get into OT Systems

5 days ago

The convergence and integration of OT and IT has resulted in a growing number of cyber risks for critical infrastructure. Here are some of the ways attackers are targeting operational technology systems.

9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery

5 days ago

A new trojan called Android.Cynos.7.origin, designed to collect Android users’ device data and phone numbers, was found in 190 games installed on over 9M Android devices.

In Appreciation: Dark Reading's Tim Wilson

5 days ago

Dark Reading co-founder and editor-in-chief Tim Wilson passed away on Nov. 23.

MediaTek Chip Flaw Could Have Let Attackers Spy on Android Phones

5 days ago

MediaTek systems-on-a-chip are embedded in more than one-third of smartphones and IoT devices around the world.

GoDaddy Breach Widens to Include Reseller Subsidiaries

5 days ago

Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen.

OpenText Acquires Bricata

5 days ago

The acquisition adds next-generation network detection and response technology to OpenText Security & Protection Cloud.

Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Maker

5 days ago

Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company's woes.

Max Schrems hits Irish Data Protection Commissioner with corruption complaint

5 days ago

Watchdog argues 'fairness' in process should keep some documents confidential Data privacy campaign group noyb, founded by Austrian lawyer Max Schrems, has filed a complaint with the Austrian Office for the Prosecution of Corruption (WKStA) for a potentia ...

When Will Security Frameworks Catch Up With the New Cybersecurity Normal?

5 days ago

Standards need to reflect that most endpoints will be remote and/or wireless.

Attackers Actively Target Windows Installer Zero-Day

5 days ago

Researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month.

Apple's Pegasus lawsuit a 'declaration of war' against offensive software developers, says Kaspersky director

5 days ago

Regional exec says Apple wants offensive researchers out of the field because they are harmful to the reputation of the company Kaspersky's APAC director of Global Research and Analysis, Vitaly Kamlyuk, has called Apple's lawsuit against Pegasus maker NSO ...

How a malicious Android app could covertly turn the DSP in your MediaTek-powered phone into an eavesdropping bug

5 days ago

Millions of devices potentially vulnerable, we're told Check Point Research will today spill the beans on security holes it found within the audio processor firmware in millions of smartphones, which can be potentially exploited by malicious apps to secre ...

Yes, ransomware is your number one security nightmare. But here’s how to sleep easy

6 days ago

Here’s a clue … it involves encryption Advertorial  It may have escaped your notice, but last month was Cybersecurity Awareness month, and this year’s theme is “Do Your Part. Be #CyberSmart”.…

China trying to export its Great Firewall and governance model

6 days ago

Beware of Communists bearing internet governance proposals, says Australian Strategic Policy Institute China is actively trying to export its internal internet governance model, according to a paper from the International Cyber Policy Centre at the Austra ...

Baffle's Data Privacy Cloud Protects Data for Amazon Redshift Customers

6 days ago

Amazon Redshift customers can use Baffle’s Data Privacy Cloud to secure the data pipeline as source data is migrated to Redshift and used for data analytics.

New Android Spyware Variants Linked to Middle Eastern APT

6 days ago

The new variants, improved for stealth and persistence, share code with other malware samples attributed to the C-23 APT.

Why Should I Adopt a Zero Trust Security Strategy?

6 days ago

Zero Trust is the right approach for protecting your end users. Executing it in the right way will also help you comply with the NIST standards and upcoming federal mandates.

Apple Sues NSO Group for Spyware Use

6 days ago

The company seeks to hold Israeli firm NSO Group liable for the targeting of Apple users and requests a permanent injunction to ban its use of Apple products and services.

Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcast

6 days ago

That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky.

Dominello on NSW's decentralised digital ID future

6 days ago

Looks to boost trust as two worlds collide.

Apple sues 'amoral 21st century mercenaries' NSO for infecting iPhones with Pegasus spyware

6 days ago

iGiant pledges any damages plus $10m to anti-cybersurveillance groups Apple today sued NSO Group, which sells spyware to governments and other organizations, for infecting and snooping on people's iPhones.…

Apple files lawsuit against NSO Group

6 days ago

Alleges US citizens targeted with spyware.

Zero-day proof-of-concept exploit lands for Windows make-me-admin vulnerability

6 days ago

InstallerFileTakeOver code pops up on GitHub The day has a 'y' in it, so it must be time for another zero day to drop for a Microsoft product. In this case, a local privilege-elevation vulnerability to gain control of fully patched Windows 10, 11, and Ser ...

Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees

6 days ago

Complaints abound that yoof use it to mean 'digital currency' Infosec must "reclaim" the word crypto from people who trade in Bitcoins and other digital currencies, according to industry veteran Bruce Schneier – and it seems some Reg readers agree.…

Holiday Scams Drive SMS Phishing Attacks

6 days ago

Attackers typically target consumers with malicious text messages containing obfuscated links, but experts say businesses are threatened as well.

Alleged Brit SIM-swapper will kill himself if extradited to US for trial, London court told

6 days ago

'Exceptional' case involves 100 BTC payoff, judge told A Briton accused of playing a pivotal role in an $8.5m SIM-swapping attack shouldn't be extradited to the US because he might commit suicide, making his an "exceptional" case, a court was told.…

How to Defend Against Mobile App Impersonation

6 days ago

Despite tight security measures by Google/Apple, cybercriminals still find ways to bypass fake app checks to plant malware on mobile devices. Dave Stewart, CEO of Approov, discusses technical approaches to defense against this.

How Sun Tzu's Wisdom Can Rewrite the Rules of Cybersecurity

6 days ago

The ancient Chinese military strategist Sun Tzu would agree: The best defense is to avoid an attack in the first place.

Common Cloud Misconfigurations Exploited in Minutes, Report

6 days ago

Opportunistic attackers instantly exploited insecurely exposed services deployed in honeypots by Unit 42 researchers, demonstrating the immediate danger of these typical mistakes.

UK Ministry of Justice secures HVAC systems 'protected' by passwordless Wi-Fi after Register tipoff

6 days ago

There's a default admin password online too The Ministry of Justice has secured a set of Wi-Fi access points that potentially gave admin access to industrial control equipment after a tipoff by The Register.…

Infosec bods: After more than a year, Sky gets round to squashing hijacking bug in 6m home broadband routers

1 week ago

Plus: DNS cache poisoning again, cops probe property conveyancing group's IT outage, Azure hole addressed, and more In brief  Sky has fixed a flaw in six million of its home broadband routers, and it only took the British broadcaster'n't
elecoms giant a y ...

Don't Help Cybercriminals Dash With Your Customers' Cash This Black Friday

1 week ago

Each security step, no matter how small, can have great impact in detecting and deterring cyber theft.

Sovereign push for gov cyber hubs ahead of expansion

1 week ago

DTA calls for industry input.

Indian bank smacks down allegation it exposed 180 million customers' accounts

1 week ago

Infosec firm says it found unpatched software, Bank admits Exchange may not have been in the best shape India's Punjab National Bank has smacked down a security firm's allegation that it exposed personal and financial data of its 180 million customers – ...

Pentagon Partners With GreyNoise to Investigate Internet Scans

1 week ago

With a new 5-year $30 million contract, GreyNoise Intelligence will assist multiple teams across the Department of Defense plans in a defensive capacity.

Gov says 'community' expected it to have cyber incident intervention powers

1 week ago

Streamlined bill passes both houses of parliament.

GoDaddy Breach Exposes SSL Keys of Managed WordPress Hosting Customers

1 week ago

The incident, which affected 1.2 million users, raises concerns about domain impersonation attacks and other malicious activities.

CISA Urges Critical Infrastructure to Be Alert for Holiday Threats

1 week ago

CISA and the FBI share steps organizations should take to better protect against security threats during holidays and weekends.

GoDaddy’s Latest Breach Affects 1.2M Customers

1 week ago

The kingpin domain registrar has logged its fifth cyber-incident since 2018, after an attacker with a compromised password stole email addresses, SSH keys and database logins.

Bug Bounties Surge as Firms Compete for Talent

1 week ago

Companies such as GItLab, which today increased its payment for critical bugs by 75%, are raising bounties and bonuses to attract top-notch researchers.

SSL keys, sFTP passwords and more exposed after someone broke into GoDaddy Managed WordPress using 'compromised password'

1 week ago

Yikes: Up to 1.2 million customers affected GoDaddy has admitted to America's financial watchdog that one or more miscreants broke into its systems and accessed a huge amount of customer data, from email addresses to SSL private keys.…

Online Merchants: Prevent Fraudsters from Becoming Holiday Grinches

1 week ago

Black Friday and Cyber Monday approach! Saryu Nayyar, CEO at Gurucul, discusses concerning statistics about skyrocketing online fraud during the festive season.

10 Stocking Stuffers for Security Geeks

1 week ago

Check out our list of gifts with a big impact for hackers and other techie security professionals.

Is it OK to Take Your CEO Offline to Protect the Network?

1 week ago

Are you asking the right questions when developing your incident response playbook? What security tasks are you willing to automate?

Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws

1 week ago

Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters.

Imunify360 Bug Leaves Linux Web Servers Open to Code Execution, Takeover

1 week ago

CloudLinux' security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug.

GoDaddy security breach exposes WordPress users' data

1 week ago

Up to 1.2 million customers caught up.

Ecommerce platforms (cough, Magento) need patching before Black Friday, warns UK's National Cyber Security Centre

1 week ago

You're your own security team, remember? If you run a small online business powered by the Magento ecommerce platform, Britain's National Cyber Security Centre (NCSC) is begging you to make sure it's fully patched ahead of Black Friday.…

Why the 'Basement Hacker' Stereotype Is Wrong — and Dangerous

1 week ago

It engenders a false sense of superiority that spurs complacency among risk managers and executives, who in turn may underinvest in security teams, rely too much on automation, or both.

Turbine maker Vestas Wind Systems admits to cyber incident, refuses to confirm if ransomware is at play

1 week ago

Company data compromised but not systems containing customer or supplier information Vestas Wind Systems, one of the world's largest makers of wind turbines, today confirmed company data has been compromised in a "cyber security incident" that forced the ...

Nigeria's central bank digital currency is 'same Naira, more possibilities' – if you count government snooping

1 week ago

Privacy challenges and rushed implementation should make this cash alternative much less attractive Opinion  Nigeria recently became the first African country to launch its central bank digital currency (CBDC), the eNaira. However, there are significant ...

A tiny typo in an automated email to thousands of customers turns out to be a big problem for legal

1 week ago

Unexpected consequences of the SQL Slammer worm Who, Me?  Do you check your emails before sending them? Re-read a dozen times but still that typo sneaks through? Welcome to a Who, Me? in which a reader learns that one mistyped letter can result in a visi ...

After four bans, TikTok finally passes the Pakistan challenge

1 week ago

Video app promises not to let naughty content cross the border, and to ban those who try Pakistan has allowed TikTok to resume operations on its soil.…

Amazon India execs charged after sellers allegedly use site to smuggle marijuana

1 week ago

Ganja believe it? Seller claimed to sell 'Stevia leaves', but shifted a tonne of wacky 'baccy before being busted Police in the Indian state of Madhya Pradesh have charged Amazon India executives under narcotics laws, after uncovering a marijuana smugglin ...

NSW bans police from accessing QR code check-in data

1 week ago

Covid-19 information privacy bill passes.

Australia's Copyright Agency investigates cyber incident

1 week ago

Notifies 37,000-plus members.

Insurers run from ransomware cover as losses mount

1 week ago

Halve the amount of cyber cover they provide.

A look at the intimate details Amazon knows about us

1 week ago

Profiling leaves those that ask for a copy stunned.

US Banks Will Be Required to Report Cyberattacks Within 36 Hours

1 week ago

There is currently no specific time frame during which banks must report to federal regulators that a security incident had occurred. A new notification rules changes that to 36 hours.

3 Takeaways from the Gartner Risk Management Summit

1 week ago

Security leaders can be treated as partners supporting the business and share accountability by establishing relationships with business stakeholders.

Iranians Charged in Cyberattacks Against U.S. 2020 Election

1 week ago

The State Department has offered a $10M reward for tips on the two Iran-based threat actors accused of voter intimidation and disinformation.

6M Sky Routers Left Exposed to Attack for Nearly 1.5 Years

1 week ago

Pen Test Partners didn't disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm.

To Beat Ransomware, Apply Zero Trust to Servers Too

1 week ago

The path out of the ransomware crisis is full inspection and protection of all traffic flows. That means zero trust everywhere — even between servers.

Zero Trust: An Answer to the Ransomware Menace?

1 week ago

Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.

California Pizza Kitchen Serves Up Employee SSNs in Data Breach

1 week ago

A hefty slice of data – that of 100K+ current and former employees – was spilled in an “external system breach,” the pizza chain said. 

US Indicts Iranian Nationals for Cyber-Enabled Election Interference

1 week ago

Among other things, the pair pretended to be Proud Boys volunteers and sent in a fake video and emails to Republican lawmakers purporting to show Democratic Party attempts to subvert the 2020 presidential elections.

Defending critical infrastructure: The status quo isn’t working

1 week ago

AI can help thwart attacks before they affect operations Paid Feature  Cyber-attacks aren't just about siphoning bank accounts. They're also targeting critical national infrastructure, warn experts – and we're not doing a very good job of preventing th ...

Search CT Logs for Misconfigured SSL Certificates

1 week ago

Security defenders can run these queries against Certificate Transparency logs to identify misconfigured SSL certificates before they can be used by adversaries to map out attacks.

Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure

1 week ago

Boffins measure the black hole of dubious certs and find it troubling Security researchers have checked the web's public key infrastructure and have measured a long-known but little-analyzed security threat: hidden root Certificate Authorities.…

AGL set to lose its second CISO in 18 months

1 week ago

Begins search for replacement.

Cloud Security Startup Lacework Gets a Boost With New $1.3B Funding

1 week ago

Lacework's will use its $1.3 billion Series D to expand go-to-market strategies and its data-focused cloud security platform.

Canadian teen nabbed in $36.5M crypto heist – possibly the biggest haul yet by a single individual

1 week ago

Plus, US gov to sell off $56M of Bitcoin – the largest single sum recovered so far from a cryptocurrency fraud A Canadian teenager has been arrested for allegedly stealing $37 million worth of cryptocurrency ($46M Canadian) via a SIM swap scam, making i ...

Microsoft Exchange Server Flaws Now Exploited for BEC Attacks

1 week ago

Attackers also are deploying ProxyShell and abusing the vulnerabilities in stealthier manner, researchers say.

Boffins find way to use a standard smartphone to find hidden spy cams

1 week ago

Smartphones now have lasers so we're gonna use them to find voyeurs Recent model smartphones can be smarter still about finding hidden cameras in their vicinity, if they take advantage of time-of-flight (ToF) sensors.…

Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 US Presidential Election

1 week ago

An indictment was unsealed charging two Iranian nationals for their involvement in a cyber-enabled campaign to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord, in connection with the 2020 US presidential ...

Ransomware Phishing Emails Sneak Through SEGs

1 week ago

The MICROP ransomware spreads via Google Drive and locally stored passwords.

North Korean Hacking Group Targets Diplomats, Forgoes Malware

1 week ago

The TA406 group uses credential harvesting to target diplomats and policy experts in the United States, Russia, China, and South Korea, rarely resorting to malware.

California Pizza Kitchen Suffers Data Breach

1 week ago

Personal data, including Social Security numbers, of more than 100K employees exposed.

Thousands of Firefox users accidentally commit login cookies on GitHub

1 week ago

GitHub: 'Credentials exposed by our users are not in scope' Thousands of Firefox cookie databases containing sensitive data are available on request from GitHub repositories, data potentially usable for hijacking authenticated sessions.…

3 Top Tools for Defending Against Phishing Attacks

1 week ago

Phishing emails are now skating past traditional defenses. Justin Jett, director of audit and compliance at Plixer, discusses what to do about it.

Addressing the Low-Code Security Elephant in the Room

1 week ago

The danger of anyone being able to spin up new applications is that few are thinking about security. Here's why everyone is responsible for the security of low-code/no-code applications.