Author: nlqip
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. APIs are often adopted by businesses as a way to automate certain operational tasks. This not only helps to introduce efficiencies, it also…
Read MoreMolly White Reviews Blockchain Book Molly White—of “Web3 is Going Just Great” fame—reviews Chris Dixon’s blockchain solutions book: Read Write Own: In fact, throughout the entire book, Dixon fails to identify a single blockchain project that has successfully provided a non-speculative service at any kind of scale. The closest he ever comes is when he…
Read More
Feb 13, 2024The Hacker NewsSaaS Security / Data Breach The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy. Common threat vectors…
Read More
While the application of AI has picked up in cybersecurity, large-scale adoption still suffers from a lack of expertise, budget, and trust, according to a MixMode report. The report, commissioned through the Ponemon Institute, surveyed 641 IT and security practitioners in the US to understand the state of AI in cybersecurity and found the adoption…
Read More
The runaway success of Kubernetes adoption by enterprise software developers has created motivation for attackers to target these installations with specifically designed exploits that leverage its popularity. Attackers have become better at hiding their malware, avoiding the almost trivial security controls, and using common techniques such as privilege escalation and lateral network movement to spread…
Read More
Feb 13, 2024NewsroomVulnerability / Cyber Threat Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of…
Read More
History often views the Preparedness Movement as an instance where prominent former politicians like Teddy Roosevelt attempted to persuade Woodrow Wilson’s administration – directly and via demonstrative efforts like the training of volunteers for a future military venture – that American involvement in war was a necessity. However, the movement was highly decentralized and was…
Read More
Cloudflare: On February 1, Cloudflare announced it had detected a threat actor on its self-hosted Atlassian server on November 23. Although the primary point of compromise in this incident came through account credentials that Cloudflare failed to rotate after an Okta compromise, the company said the threat actor attempted to gain access to a non-production…
Read More
Feb 13, 2024NewsroomVulnerability / Email Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems…
Read More
Over 20 hospitals in Bucharest have reportedly been impacted by a ransomware attack after cybercriminals targeted an IT service provider. As a consequence medical staff have been forced to use pen-and-paper rather than computer systems. Romania’s National Cybersecurity Directorate (DNSC) said in a statement that the attackers encrypted hospital data using the Backmydata ransomware –…
Read More