API Security Losses Total Billions, But It’s Complicated
US companies face a combined $12 billion to $23 billion in losses in 2022 from compromises linked to Web application programming interfaces (APIs), which have proliferated with the increased...
18 Zero-Days Exploited So Far in 2022
So far this year, a total of 18 security vulnerabilities have been exploited as unpatched zero-days in the wild, according to an analysis – and half of those were...
SolarWinds creates new software build system in wake of Sunburst attack
SolarWinds became the poster child for attacks on software supply chains last year when a group of threat actors injected malicious code known as Sunburst into the company's software...
Key takeaways from CSA’s SaaS Governance Best Practices guide
SaaS governance and security is gaining attention among IT and security leaders. This is good, given that organizations are using exponentially more software-as-a-service (SaaS) than infrastructure-as-a-service (IaaS) offerings. Large...
Infamous North Korean hacker group identified as suspect for $100M Harmony attack
The Lazarus Group, a well-known North Korean hacking syndicate, has been identified as the primary suspect in the recent attack that saw $100 million stolen from the Harmony protocol. According...
Patch Now: Linux Container-Escape Flaw in Azure Service Fabric
Microsoft this week disclosed a serious container-escape vulnerability in its widely used Azure Service Fabric technology, which gives attackers a way to gain root privileges on the host node...
Shifting the Cybersecurity Paradigm From Severity-Focused to Risk-Centric
New cybersecurity vulnerabilities increased at a never-before-seen pace in 2021, with the number of vulnerabilities reaching the highest level ever reported in a single year. As a threat analyst...
Cyberattacks via Unpatched Systems Cost Orgs More Than Phishing
Attackers continue to find significant success targeting unpatched servers and vulnerable remote-access systems, researchers say -- and these types of compromises cost victim organizations 54% more than compromises caused by user...
ZuoRAT Hijacks SOHO Routers from Cisco, Netgear
Security researchers have discovered a multi-stage remote access Trojan (RAT) currently being used against a wide range of small office-home office (SOHO) routers in Europe and North America —...
Sysdig Secure update adds ability to stop container attacks at runtime
Container and cloud security company Sysdig has announced a new capability, Drift Control, designed to detect and prevent container attacks at runtime. Drift Control will function as part of Sysdig...











