0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations
Group-IB has discovered that the recently disclosed phishing attacks on the employees of Twilio and Cloudflare were part of the massive phishing campaign that resulted in …
Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …
How CISOs can safeguard security in CI/CD environments
DevOps is a staple at every forward-thinking organization these days. The agile development and release formula helps companies address customer issues and marketplace …
Ransomware dominates the threat landscape
Acronis researchers have concluded that ransomware continues to be the number one threat to large and medium-sized businesses, including government organizations. Nearly half …
Organizations changing cyber strategy in response to nation-state attacks
66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, while 64% suspect their organization has been …
How attackers use and abuse Microsoft MFA
Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …
Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to …
Thoma Bravo: Securing digital identities has become a major priority
Thoma Bravo is a private equity firm with a 40+ year history, including over $114 billion in assets under management, and a focus on investing in software and technology …
Is security becoming a priority for DevOps teams?
GitLab released the results of its annual DevSecOps survey which highlights the continued prioritization of security and compliance, investment in toolchain consolidation, and …
Lean security 101: 3 tips for building your framework
Cobalt, Lazarus, MageCart, Evil, Revil — cybercrime syndicates spring up so fast it’s hard to keep track. Until they infiltrate your system. But you know what’s even more …
7 open-source malware analysis tools you should try out
There are two main types of malware analysis: static and dynamic. Performing static analysis of a malicious binary means concentrating on analyizing its code without executing …
API security incidents occur at least once a month
Postman released the results of its 2022 State of the API Report, which surveyed more than 37,000 developers and API professionals on a range of topics, including their …
Featured news
Resources
Don't miss
- Researchers unearth keyloggers on Outlook login pages
- Hackers love events. Why aren’t more CISOs paying attention?
- Before scaling GenAI, map your LLM usage and risk zones
- SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles
- Why banks’ tech-first approach leaves governance gaps