CIOs and CISOs have long grappled with the challenge of shadow IT—technology that is being used within an enterprise but that is not officially sanctioned by the IT or security department. According to Gartner research, 41% of employees acquired, modified,…
Author: wordpress
Sydney University Suffers Supply Chain Breach
Blast radius appears limited to international students This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sydney University Suffers Supply Chain Breach
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. “Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,”…
7 Key MXDR Benefits
Protecting businesses has gotten increasingly difficult today. The sophistication of cyberattacks, the growth of distributed workforces, and the increased reliance on third-party providers have greatly expanded the attack surface, making it more complex than ever. In order to minimize the…
Summary of South Africa’s Protection of Personal Information Act (PoPIA)
South Africa’s Protection of Personal Information Act (PoPIA), also known as the PoPI Act, is a comprehensive data protection legislation designed to safeguard the privacy and information of South African citizens. While Jacob Zuma assented to PoPIA in November 2013,…
Four Convicted in $18m Investment Fraud Scheme
The Brittingham Group promised outsized returns to victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Four Convicted in $18m Investment Fraud Scheme
Silicon In Focus Podcast: Smart Virtual Spaces
The convergence of VR and AR and the inception of the Metaverse could herald a new age of working collaborative virtual spaces all businesses could benefit from. But what are the challenges to and use cases for these spaces and…
Suffolk High School Forced Offline After Cyber-Attack
Separate research warns of widespread email security failings This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Suffolk High School Forced Offline After Cyber-Attack
Cybercrime will cost Germany $224 billion in 2023
Cybercrime will cost Germany 206 billion euros ($224 billion) in 2023, German digital association Bitkom told Reuters. According to the German digital association Bitkom, cybercrime will have a worrisome impact on the economy of the state in 2023. Bitkom estimated…
Sea Sides Conference: Interviewing Prashant Kv and Parveen
1) Could you please start by telling us a bit about yourself and your background? Prashant: Hi, my name is Prashant KV. I have been working in information security for more than 15 years. I started my career as…
Key Group Ransomware: Free Decryptor Released
A free decryptor to tackle the infamous Key Group ransomware has been launched, making a huge contribution to the fight against cybercrime. This finding represents a win for cybersecurity professionals and victims alike, offering some hope to those who have…
Software developers, how secure is your software?
Facing Third-Party Threats With Non-Employee Risk Management
As businesses continue to grapple with third-party threats, a revamped approach to non-employee risk management can help limit their potential exposure. This article has been indexed from Dark Reading Read the original article: Facing Third-Party Threats With Non-Employee Risk Management
How malware sandboxes can help strengthen cybersecurity
In the ever-evolving landscape of cybersecurity, the battle between cyber-criminals and defenders rages on. Cyberattacks are becoming more sophisticated and harder to detect, making it imperative for organizations to bolster their defenses. One powerful weapon in the cybersecurity arsenal is…
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack…
Germany witnesses $224Bn yearly economy loss with Cyber Attacks
In recent times, many developed nations such as the United States, the United Kingdom, Canada, and Australia have refrained from publicly identifying their cyber adversaries, understanding that doing so might inadvertently provide these adversaries with a significant advantage on the…
5 ways in which FHE can solve blockchain’s privacy problems
Blockchain technology has gained significant traction due to its decentralized nature and immutability, providing transparency and security for various applications, especially in finance. Having gained notoriety during the 2010s with the boom of cryptocurrencies such as Bitcoin, skilled observers quickly…
Ransomware attacks go beyond just data
65% of organizations confirmed that ransomware is one of the top three threats to their viability, and for 13%, it is the biggest threat, according to a report by Enterprise Strategy Group (ESG) and Keepit. Organizations’ strategies against ransomware According…
Spam is up, QR codes emerge as a significant threat vector
85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023, according to a VIPRE report. Information technology organizations also overtook financial institutions (9%) as the most…
Infosec products of the month: August 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Adaptive Shield, Bitdefender, Bitwarden, Forescout, ImmuniWeb, Kingston Digital, LastPass, Lineaje, LOKKER, Menlo Security, MongoDB, Netskope, NetSPI, OffSec, Qualys, SentinelOne, Solvo, SonarSource, SpecterOps, Synopsys, ThreatConnect,…