vulnerability

Insecure Deserialization Trend | March Attack Data | Contrast Security
Cyberattackers are shifting their strategy in attacking applications and focusing on one of the most dangerous tactics. For the fourth straight month, the number one tactic was insecure deserialization, aka untrusted deserialization ...

Application Detection and Response Analysis: Why ADR? How ADR Works, and ADR Benefits
Two highly respected technology analysts from different cybersecurity disciplines are coming together to recommend that companies consider Application Detection and Response. Organizations face a constant barrage of cyber threats, including zero-day vulnerabilities ...

Cybersecurity Insights with Contrast CISO David Lindner | 03/14/25
Insight No. 1 — We are frogs, falling asleep in security-debt stew. Companies are drowning in high-risk software security debt, with critical vulnerabilities festering for an average of 252 days before they’re ...

Breaking Basta: Insights from Black Basta’s Leaked Ransomware Chats
Key Takeaways: During the period covered by the Black Basta leaked chat logs (18 September 2023 – 28 September 2024), […] ...

Enhancing Application Security | Contrast ADR and Splunk | Contrast Security
Have you silenced WAF alerts in your SIEM or just stopped sending them altogether? You're not alone. Many SOCs find themselves overwhelmed by the sheer volume of noise generated by traditional WAFs, ...

Healthcare Crisis Emerges: Cybersecurity Vulnerabilities in Patient Monitors Confirmed by FDA
For over a decade, we warned the healthcare industry this was coming. They ignored us. Their sole focus was HIPAA compliance — checking regulatory boxes rather than securing critical systems. We told them that ...

RansomHub Affiliate leverages Python-based backdoor
In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor […] ...

Unsafe Deserialization Attacks Surge | December Attack Data | Contrast Security
Attacks on individual applications were down month to month in December 2024, but one of the most dangerous types of attacks was up significantly. That’s according to data Contrast Security publishes monthly ...

2024 Firefox Vulnerabilities: Managing Security Risks
The preferred browser of more than 3% of all internet users, Mozilla Firefox is well-regarded for its perceived ability to deliver a secure and privacy-focused web experience. However, that same widespread usage ...

Fake Solana packages target crypto devs, abuse Slack & ImgBB for data theft
Recently discovered malicious packages on the npmjs.com registry named "solanacore," "solana-login," and "walletcore-gen" target Solana crypto developers with Windows trojans and malware capable of keylogging and sensitive data exfiltration. Furthermore, these packages ...