Rise in cyberattacks is alarming folks
Friday, June 28, 2024 by Freeman Lightner
A recent study has uncovered a startling rise in cyberattacks from 2022 to 2023. Throughout 2023, the United States experienced an alarming 3,205 data breaches, marking a dramatic 78% surge from the 1,801 incidents reported in 2022.
The study conducted by data collection experts SOAX utilized data from the Identity Theft Resource Center on the number of data vi...
Tom Brady NFT sale sparks warning to consumers from experts
Wednesday, February 28, 2024 by Freeman Lightner
An expert has warned those considering purchasing an NFT off the back of the Tom Brady $40.7k sale, as NFT marketplaces saw $38 million stolen by scammers last year.
The findings, pulled together by Smart Betting Guide, analyzed a database recording crypto scams and exploits to identify the most vulnerable platforms and blockchains over the last year - with NFT marke...
AI cybersecurity impacts according to NetLib Security
Monday, December 18, 2023 by Richard Harris
This is an easy call to make: NetLib Security predicts that Artificial Intelligence - Generative AI - will continue to heavily impact the world of cybersecurity, upping the game for defensive players, while giving cybercriminals more tools on the offensive side.
2023 was a year in which AI seemed suddenly to be everywhere. Although AI is not a new field, ChatGPT and ...
Multibot Slack support for SecOps teams from Blameless
Tuesday, August 1, 2023 by Freeman Lightner
Blameless announced the launch of its new Multibot support feature, which helps Security Operations (SecOps) teams to participate in their company's primary Slack workspace. Critically, the new Multibot support allows SecOps teams to access their own customizable bot mapped to their dedicated single-tenant instance of Blameless. With Multibot support, security-consc...
SBOM mandate to improve cybersecurity in the US
Friday, March 17, 2023 by Freeman Lightner
The number of cyberattacks waged against government sectors worldwide increased by 95% in the second half of 2022 compared to the same time period in 2021. (1) The global cost of cyberattacks is expected to grow exponentially from $8.44 trillion in 2022 to $23.84 trillion by 2027. (2) To support the nation’s critical infrastructure and Federal Government networks,...
Identity will hold the keys to the kingdom for cybercriminals
Wednesday, February 8, 2023 by Brittany Hainzinger
In 2023, identity will continue to hold the keys to the kingdom for cybercriminals. This is a continuation from 2022, with the Verizon Data Breach Investigations Report (DBIR) attributing 80% of basic web application attacks to the use of stolen credentials like passwords. Security incidents usually involve a variety of techniques, from social engineering to supply chai...
Developers and brands must make mobile apps far more secure
Tuesday, January 17, 2023 by Austin Harris
The bad guys are still breaking digital windows and kicking down digital doors, so to speak, and will continue well into 2023 and beyond!
Consumers through experience or gut instinct will demand that their mobile app providers deliver key security features including trying to stop the increasingly prevalent "man-in-the-middle" attacks. The latest techn...
Open Bug Bounty has fixed 1 million vulnerabilities
Monday, November 7, 2022 by Brittany Hainzinger
Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible, and ISO 29147 compatible vulnerability disclosure. It passed the milestone on 27 October of fixing over 1,000,000 web security vulnerabilities.
The Open Bug Bounty project enables website owners to receive advice and support from...
Software cyberattack predictions for 2022
Tuesday, January 4, 2022 by Richard Harris
Nigel Thorpe hails from a software development background and moved to the IT security industry with Entrust Technologies during the early days of PKI. His knowledge has benefited a number of security companies in the UK, Canada, and the USA, and he now serves as Technical Director at SecureAge Technology. With a wide range of experience in different business environmen...
Not all security vulnerabilities are created equal
Tuesday, May 25, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function, value and, unfortunately, they also provide one of the easiest openings for cybercriminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the concept o...
Six areas of focus for continuous security
Friday, April 16, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function and value and, unfortunately, they also provide one of the easiest openings for cyber criminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the conce...
Improving security posture with static application security testing
Friday, February 12, 2021 by Tim Jarrett
Amid the worldwide pursuit of digital transformation, software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...
DevSecOps will go mainstream this year
Tuesday, January 26, 2021 by Richard Harris
Cybercriminals love Shadow Code exploits because hacking a commonly used library or service can place the malicious code on hundreds or thousands of websites. For example, the widely used jQuery JavaScript library has been breached multiple times, leading to digital skimming attacks broadly across the e-commerce sector. Adding jQuery to an application without ...
Data Privacy Day 2020 is here
Tuesday, January 28, 2020 by Richard Harris
Data Privacy Day is here, and with the recent implementation of the California Consumer Privacy Act, the timing could not be better to discuss the importance of taking steps to protect sensitive data while also keeping personal data private and secure.
Similar to GDPR, CCPA will have a profound impact on data privacy and protection, making this year’s Data Priv...
StrandHogg Android vulnerability identified
Thursday, December 5, 2019 by Freeman Lightner
Promon, a Norwegian app security company, has identified tangible evidence of a dangerous Android vulnerability that allows malware to pose as any legitimate app, granting hackers access to private SMS messages and photos and allowing them to steal victims’ log-in credentials, track movements, make and/or record phone conversations, and spy through a phone’s camera and microphone...
Zeroday vulnerability announced by McAfee at Defcon
Monday, August 19, 2019 by Richard Harris
At DEFCON, McAfee has announced the discovery of a zero-day vulnerability in a commonly used Delta industrial control system.
The vulnerability found in the Delta enteliBUS Manager could allow malicious actors complete control of the operating system, enabling remote manipulation of access control systems, boiler rooms, temperature control for critical systems and mo...
Most cryptocurrency mobile apps are vulnerable
Thursday, November 30, 2017 by Austin Harris
Over 1,300 cryptocurrencies exist today, with a market capitalization of over $300 billion. One of the most popular and oldest cryptocurrencies, Bitcoin, has almost reached a price of $10,000 after several months of fluctuation but continuous and steady growth. A wide spectrum of mobile applications for cryptocurrencies was released during the last few years by various startups, i...
IBM Watson for cyber security has cognitive skills
Monday, February 13, 2017 by Richard Harris
According to IBM research, security teams sift through more than 200,000 security events per day on average, leading to over 20,000 hours per year wasted chasing false positives. The need to introduce cognitive technologies into security operations centers will be critical to keep up with the anticipated doubling of security incidents over the next five years and increa...
Ransomware facts and the steps to prevent it on your device
Friday, December 30, 2016 by Richard Harris
As technology advances, so do its unintended consequences and the ability of bad people to exploit its weaknesses. Reports of one of these exploits are sweeping across Europe; its name is ransomware. Ransomware is malware that allows hackers to take control of your computer and all its data, and then hold it hostage via encryption until a certain sum of m...
How to secure your online accounts from cyber attacks in 2017
Wednesday, December 21, 2016 by Richard Harris
In addition to ball drops and bubbly, the New Year offers an occasion to reflect and contemplate what's ahead in 2017. When Dec. 31 rolls around, many of us think about getting fit, saving more money and promising to take time to enjoy life. As the world becomes more and more connected – and our digital and offline lives become indistinguishable – we should also commit ...
Development practices that break applications and what you can do
Wednesday, November 30, 2016 by Jim Azar
As most organizational leaders recognize at some level, the increasing dominance of web and mobile applications has completely turned the software world on its ear. The number of critical business functions that are processed via a browser or mobile device is escalating, and inaccurate results, aberrant behaviors, and security flaws can all be absurdly costly. Virt...
Intel Security Enhances Unified Defense Architecture
Thursday, November 3, 2016 by Richard Harris
Intel Security has announced an enhanced unified defense architecture designed to empower organizations to more effectively protect a new digital economy of trust, time and money. No longer is our economy a physical one, but one of connected networks and systems where cybercriminals have put us on the defensive. This new second economy has put us in a world where ...
BYOD nightmare: Pokemon Go
Wednesday, September 7, 2016 by Mike Cobb
Pokémon Go, the smartphone game that became an overnight worldwide sensation, may be more than the latest technology must-have. The cute augmented reality app could actually provide cybercriminals an entry point to your business and personal files. Company security directors were already wringing their hands over employees who mix their work and private information on th...
ERPScan Releases New SaaS Security Platform for SAP Environments
Tuesday, July 26, 2016 by Stuart Parkerson
ERPScan has released a new SaaS solution to protect SAP environments from customization issues. The new solution combines the ERPScan Security Monitoring Suite engine and new technologies developed by ERPScan. ERPScan's SAP Code Security SaaS provides the ability to upload program code from their SAP Systems into ERPScan's cloud platform. Users receive a list of ide...
Why Every DevOps Practice Needs NextGeneration Data Security
Monday, June 27, 2016 by Louis Evans
As engineers and managers, we live in a world of tradeoffs. A fast solution is usually a sloppy one; a cheap solution is often a fragile one. Any solution that breaks these tradeoffs is extraordinary. A major one can bring about a revolution. The DevOps transformation is just such a revolution. It offers orders-of-magnitude acceleration in software delivery, while ...
Tips to Use Penetration Testing to Protect Your Business From Cyber Attacks
Thursday, May 12, 2016 by Joaquín Rodríguez Varela
Forty-seven percent of all breaches were caused by malicious or criminal attacks according to the most recent global data breach study released by the Ponemon Institute. Resolving an attack cost businesses an average of $170 per record, translating to an average total cost of $3.79 million for a data breach. Today’s cybercriminals are getting smarter at finding and breac...
Webroot Launches New Cybersecurity Service for the Internet of Things
Wednesday, May 11, 2016 by Richard Harris
Webroot has released the Webroot BrightCloud Threat Intelligence for IoT Gateways, which provides a cybersecurity service for Internet of Things (IoT) Gateway partners and developers of IoT solutions to augment real-time protection against malicious threats, unauthorized network access, and Denial of Service (DoS) attacks. It provides a set of threat intelligence servic...
A Developer's Perspective on Mobile Security in the Age of BYOD
Thursday, March 31, 2016 by Joe Schulz
With the cost savings of BYOD continuing to lure organizations to adopt this approach, the number of companies allowing employee-owned devices is still on the rise, as well. In early 2015, Tech Pro Research announced that 74 percent of organizations either already allow or were planning to allow employees to bring their own devices to work. At the time of this writing, ...
Report Highlights How Cyber Criminals Move Their Infrastructure to Avoid Detection
Thursday, March 10, 2016 by Stuart Parkerson
Damballa just released its Q1 2016 State of Infections Report highlighting exactly how cyber criminals evade detection. The report dives deep into how cyber criminals move their infrastructure and conceal their tracks to avoid detection. The study cited an example of how the criminals behind the Pony Loader malware are able to propagate widely and remain undetected by co...
Security Startup Provider buguroo Launches New Threat Intelligence Platform
Wednesday, February 17, 2016 by Richard Harris
Security provider buguroo, a U.S. startup and spinoff of Deloitte’s European Security Operations Center (SOC), is launching bugThreats, a threat intelligence platform (TIP) that looks outside the enterprise infrastructure and focuses on useful intelligence gathered where the compromised end users, and their stolen data, are. Focused on intelligence and not protection, bu...
New Report Highlights Wide Ranging Cybersecurity Challenges
Wednesday, September 2, 2015 by Richard Harris
Cybersecurity Ventures has released its Cybersecurity Market Report for Q3 2015 which provides an overview of software development and application security trends, statistics, best practices, and resources. Highlights of the report include: - “The SANS Institute 2015 State of Application Security Report” states that many information security engineers don’t understa...
Enterprise Mobility and BYOA in 2014
Monday, January 6, 2014 by Tania Amar
Let’s get out the crystal ball, stir the tea leaves and see what lies ahead for enterprise mobility in 2014. With strategies figured out for BYOD, businesses will start focusing on BYOA - application. BYOA means that employees are bringing their own applications to work more efficiently and be more productive. While all leading industry analysts, like Gartner, Forrester...