In today’s world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of all sizes. But what should you look for when choosing the right provider? The sheer number of providers can be daunting, and finding one […]
Cyber News, Cyber Threat Trends
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360’s Network Security Research Lab said in a report published last week. Fodcha first came to
Cyber News, Cyber Threat Trends
ACM.97 Requiring MFA, encryption, and disallowing network misconfigurations that expose admin ports and data This is a continuation of my series of posts on Automating Cybersecurity Metrics. Where was I? Oh yes, I was trying to use the Developer user created with CloudFormation for whom we autogenerated a password to login into the AWS console and […]
Cyber News, Cyber Threat Trends
Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount supply chain attacks. The RepoJacking technique, disclosed by Checkmarx, entails a bypass of a protection mechanism called popular repository namespace retirement, which aims to prevent developers from pulling unsafe repositories with
Cyber News, Cyber Threat Trends
A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones. The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain deep links. An independent security researcher has been credited with reporting […]
Cyber News, Cyber Threat TrendsPeople have suspected this for a while, but Apple has made it official. It only commits to fully patching the latest version of its OS, even though it claims to support older versions. From ArsTechnica: In other words, while Apple will provide security-related updates for older versions of its operating systems, only the most recent […]
Cyber News, Cyber Threat TrendsWhen people think of cybersecurity, they think it is all about constant, in-the-moment, reactive execution. That is true in many regards, however, there is more to cybersecurity than that. There is also a strategic side; that progressive, long-term vision to anticipate the unknown, convert fear into motivation, and prepare for future threats. As the Chief […]
Cyber News, Cyber Threat TrendsAkamai study finds low levels of trust among consumers
Cyber News, Cyber Threat TrendsAurubis forced to take IT systems offline
Cyber News, Cyber Threat Trends