Hot Topics

vulnerability

identity, data, data breaches, CrowdStrike Legion malware CyberArk browser password identity credentials

GitLab Releases Urgent Security Updates for Critical Flaw

| | Cybersecurity, DEVOPS, GitLab, vulnerability
GitLab is rolling out security patches that fix a bug that could let attackers leverage scheduled security scan policies to run pipelines as an arbitrary user. Bad actors exploiting the flaw could ...
Security Boulevard
ransomware vulnerability

Zero-Day Flaws an Evolving Weapon in Ransomware Groups’ Arsenals

| | Cybersecurity, RaaS, Ransomware, vulnerability, zero-day
Ransomware gangs have for years gotten their malicious payloads into targeted systems primarily through phishing attacks or being dropped as a secondary payload from command-and-control frameworks. That is changing, according to researchers ...
Security Boulevard
Tunnel Vision: CloudflareD AbuseD in the WilD

Tunnel Vision: CloudflareD AbuseD in the WilD

| | Blog, Cybersecurity, GRIT, GRIT Blog, Incident Response & Threat Intelligence, Network & Infrastructure Security, vulnerability
Introduction Across the cybersecurity community, defenders are constantly finding threat actors using novel and innovative techniques to further their exploitation […] ...
The Guiding Point | GuidePoint Security
EMA report

New EMA Research Report Spotlights SSL/TLS Certificate Management Challenges

| | Certificate expiry, Certificate Management, certificate management solution, cyberattacks, digital certificates, SSL/TLS Certificate Management, vulnerability
Digital certificates are essential for enabling trust and protecting online transactions and communications. They are employed to guard against many forms of cyberattacks, authenticate users, and encrypt sensitive data. However, because digital ...
Blogs Archive - AppViewX
How to avoid CVE burnout and alert fatigue in vulnerability scans?

How to avoid CVE burnout and alert fatigue in vulnerability scans?

| | Alert Fatigue, CVE, vulnerability, Vulnerability Management
An image of red alertsCVE ( Common Vulnerabilities and Exposures) scans are essential to securing your software applications. However, with the increasing complexity of software stacks, identifying and addressing all CVEs can be ...
Stories by Barak Brudo on Medium
API security, cloud, audits, testing, API security vulnerabilities testing BRc4 Akamai security pentesting ThreatX red team pentesting API APIs Penetration Testing

Why Pentesting-as-a-Service is Vital for Business Security

| | Attack Surface Management, Network Security, Penetration Testing, pentesting, pentesting-as-a-service, vulnerability
Conducting regular penetration tests (pentests) is a proactive option that identifies, evaluates and mitigates risks ...
Security Boulevard
Meta's Threads and Your Privacy, Airline Reservation Scams, IDOR Srikes Back

Meta’s Threads and Your Privacy, Airline Reservation Scams, IDOR Srikes Back

| | airline, Airline Reservation, alarm, Alarm System, Cyber Security, Cybersecurity, Data Privacy, Data Tracking, Digital Privacy, Eaton, Episodes, facebook, Flight, Fraud, idor, Information Security, Infosec, insecure-direct-object-reference, Instagram, Meta, owasp, OWASP Top 10, Podcast, Podcasts, Privacy, scam, Scams, SecureConnect, security, Smart Alarm, technology, Threads, Twitter, vulnerability, Weekly Edition
In this episode, we explore the rise of Threads, a new social media app developed by Meta, which has already attracted 10 million users in just seven hours. However, there’s a catch ...
Shared Security Podcast
API security, cloud, audits, testing, API security vulnerabilities testing BRc4 Akamai security pentesting ThreatX red team pentesting API APIs Penetration Testing

How Audits + Testing = Long-Term Savings

| | Audit, Breach, Compliance, Cybersecurity, mainframe, Penetration Testing, vulnerability, zero trust
Compliance audits and penetration testing play an important role in assessing, correcting and strengthening an organization’s security configuration ...
Security Boulevard
MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches

MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches

| | Brushing, china, Complex Passwords, Cyber Security, cyberattack, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, Information Security, Infosec, military, MOVEit, Password, Password Rotations, passwords, Podcast, Podcasts, Privacy, security, Security Awareness, smartwatch, Smartwatches, supply chain, supply chain attack, technology, US Army, vulnerability, Weekly Edition
Several major organizations, including British Airways and the BBC, fell victim to the recent MOVEit cyberattack. We discuss the alarming trend of hackers targeting trusted suppliers to gain access to customer data, ...
Shared Security Podcast
MOVEit ransomware, attacks

US Gov’t Puts $10M Bounty on CL0P as MOVEit Fallout Continues 

| | Cybersecurity, MOVEit, Ransomware, vulnerability, zero-day
The U.S. State Department is offering a $10 million bounty for information related to the Cl0p ransomware gang, which is thought to be behind the MOVEit Transfer vulnerabilities ...
Security Boulevard
Load more