This Week in Malware – Fileless Linux Cryptominer, 100 Packages

Aaron Linskens | August 12, 2022 | DevZone, malware prevention, PyPI, This Week in Malware, Vulnerabilities

This week in malware we discovered and analyzed nearly 100 packages flagged as malicious, suspicious, or dependency confusion attacks.Notably, we uncovered a PyPI package that drops fileless Linux malware directly in memory ...

Sonatype Blog

Cisco Pwned by ‘Russian’ Gang — Data Leaked, Egg on Face

Richi Jennings | August 12, 2022 | cisco, Cisco is simply incompetent with regards to IT security, MFA, SB Blogwatch, UNC2447, VPN, Yanluowang

Cisco got hacked by a ransomware gang—a broker for the UNC2447 threat actor, which has “a nexus to Russia.” ...

Security Boulevard

Excessive Data Exposure: What It Is, How We Can Help

Bret Settle | August 12, 2022 | API security, APIs, Vulnerabilities

No. 3 on the OWASP API Top 10 vulnerabilities list is excessive data exposure (after BOLA and broken user authentication). OWASP says of this vulnerability, “Looking forward to generic implementations, developers tend ...

The Web Application and API Protection Blog

cyberinsurance claim cyberinsurance contractor

Lowering Cyberinsurance Premiums with Managed Security Services

Katie Horvath | August 12, 2022 | Compliance, cyberinsurance, cybersecurity insurance, managed services, risk, security

A range of factors, driven in part by the COVID-19 pandemic, accelerated by the work-from-home (WFH) trend and exacerbated by the Russia-Ukraine conflict, has caused midmarket organizations to grapple with a high ...

Security Boulevard

Supply Chain Cybersecurity – the importance of everyone

Tripwire Guest Authors | August 11, 2022 | Cybersecurity, Data Security, Featured Articles, Security Controls, suppliers, supply chain, Vulnerabilities

This week, I spoke with a new client who told me all about how they are looking forward to addressing a number of internal issues surrounding their IT systems. They explained that ...

The State of Security

It Might Be Our Data, But It’s Not Our Breach

BrianKrebs | August 11, 2022 | A Little Sunshine, alex holden, AT&T Internet, ATT, bellsouth.net, Bleeping Computer, Data breaches, Databreaches.net, Hold Security, Lawrence Abrams, New Jersey Cybersecurity & Communications Integration Cell, sbcglobal.net, ShinyHunters, T-Mobile, The Coming Storm, U-verse, White House Market

A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million ...

Krebs on Security

Prevent Card Fraud With High-Risk Merchants Data: Common Point of Purchase Analysis Made Easy

Chrisea Osbourne | August 11, 2022 | Card Fraud, Common Point of Purchase Analysis, cyber threat intelligence, Fraud, High-Risk Merchants

Flashpoint takes CPP analysis and risky merchants off your plate, with our new High-risk Merchant data built into our Card Fraud Mitigation solution. The post Prevent Card Fraud With High-Risk Merchants Data: ...

Threat Intelligence Blog | Flashpoint

Why is Cybersecurity Essential for Small Businesses?

WeSecureApp | August 11, 2022 | Application Security, Awareness, Cyber Security, Cyber-attack, Cybersecurity, enterprise security, small business, smb

Cybersecurity is a common term for every business but how seriously is it taken? Small businesses often have no budget set aside for cybersecurity which means no security team or vendors. It’s ...

WeSecureApp :: Simplifying Enterprise Security!

Patch Tuesday Advisory – August 2022

Matt Corpos | August 10, 2022 | security posture, , Vulnerability Management

Fixes for 17 critical CVEs and 2 zero-days including DogWalk For August, the number of patched threats announced by Microsoft totals 121, including 17 deemed as Critical and two zero-days. The headline ...

Blog – Balbix

Anti-Vax Dating App Offers Up Admin Privileges

Kelly Speiser | August 10, 2022 | Data breach, Skill Level: Learner

Reading Time: 3 minutes Recently, a dating app dedicated to pairing up anti-vaccination individuals experienced massive data exposure due to an alleged ‘hasty set-up’ and absence of basic security protocols. The dating ...

Sonrai | Enterprise Cloud Security Platform