Hot Topics

vulnerability

audits, testing, API security vulnerabilities testing BRc4 Akamai security pentesting ThreatX red team pentesting API APIs Penetration Testing

Why Pentesting-as-a-Service is Vital for Business Security

| | Attack Surface Management, Network Security, Penetration Testing, pentesting, pentesting-as-a-service, vulnerability
Conducting regular penetration tests (pentests) is a proactive option that identifies, evaluates and mitigates risks ...
Security Boulevard
Meta's Threads and Your Privacy, Airline Reservation Scams, IDOR Srikes Back

Meta’s Threads and Your Privacy, Airline Reservation Scams, IDOR Srikes Back

| | airline, Airline Reservation, alarm, Alarm System, Cyber Security, Cybersecurity, Data Privacy, Data Tracking, Digital Privacy, Eaton, Episodes, facebook, Flight, Fraud, idor, Information Security, Infosec, insecure-direct-object-reference, Instagram, Meta, owasp, OWASP Top 10, Podcast, Podcasts, Privacy, scam, Scams, SecureConnect, security, Smart Alarm, technology, Threads, Twitter, vulnerability, Weekly Edition
In this episode, we explore the rise of Threads, a new social media app developed by Meta, which has already attracted 10 million users in just seven hours. However, there’s a catch ...
Shared Security Podcast
audits, testing, API security vulnerabilities testing BRc4 Akamai security pentesting ThreatX red team pentesting API APIs Penetration Testing

How Audits + Testing = Long-Term Savings

| | Audit, Breach, Compliance, Cybersecurity, mainframe, Penetration Testing, vulnerability, zero trust
Compliance audits and penetration testing play an important role in assessing, correcting and strengthening an organization’s security configuration ...
Security Boulevard
MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches

MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches

| | Brushing, china, Complex Passwords, Cyber Security, cyberattack, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, Information Security, Infosec, military, MOVEit, Password, Password Rotations, passwords, Podcast, Podcasts, Privacy, security, Security Awareness, smartwatch, Smartwatches, supply chain, supply chain attack, technology, US Army, vulnerability, Weekly Edition
Several major organizations, including British Airways and the BBC, fell victim to the recent MOVEit cyberattack. We discuss the alarming trend of hackers targeting trusted suppliers to gain access to customer data, ...
Shared Security Podcast
MOVEit ransomware, attacks

US Gov’t Puts $10M Bounty on CL0P as MOVEit Fallout Continues 

| | Cybersecurity, MOVEit, Ransomware, vulnerability, zero-day
The U.S. State Department is offering a $10 million bounty for information related to the Cl0p ransomware gang, which is thought to be behind the MOVEit Transfer vulnerabilities ...
Security Boulevard
PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers

PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers

| | FEATURED, open source, PyPI, pypi vulnerability, vulnerability
This month, Sonatype’s automated malicious open source and malware detection systems flagged hundreds of malicious packages, 10 of which we have analyzed in this blog post ...
Sonatype Blog
FTC's Complaint Against Ring, Detecting Malware Infected Apps, America's Most Cybersecure Companies

The FTC’s Complaint Against Ring, Detecting Malware Infected Apps, America’s Most Cybersecure Companies

| | amazon, America, android, companies, Cyber Security, Cybersecure, Cybersecurity, Data Privacy, Digital Privacy, Episodes, fine, Forebes, FTC, google, Google Play, Hacker Safe, Hackers, Information Security, Infosec, iRecorder, Malicious App, Malware, Mobile, Mobile App, Podcast, Podcasts, Privacy, Ring, security, SecurityScorecard, smartphone, technology, vulnerability, Weekly Edition
The FTC charged Ring, the Amazon-owned home security camera company, for compromising customer privacy and having inadequate security measures. Employees accessed private videos, while hackers exploited vulnerabilities and now Ring needs to ...
Shared Security Podcast
zero-day zero-trust app hardware zero-trust prepare

A Zero-Day Should Not Be a Crisis

| | Incident Response, supply chain, Threat Intelligence, vulnerability, zero-day
The next time there is a zero-day sweeping the internet, your organization shouldn’t have to panic. This shouldn’t be a crisis. Instead, it should be a controlled exercise that follows a playbook ...
Security Boulevard
Valint - Validation Integrity - A compliance verification tool

What Happens When an AI Company Falls Victim to a Software Supply Chain Vulnerability

| | AI, software supply chain, vulnerability
An image illustrating AI goes wrongOn March 20th OpenAI took down the popular generative AI tool ChatGPT for a few hours. It later admitted that the reason for the outage was a software ...
Stories by Barak Brudo on Medium
The Threat of Clop Ransomware: How to Stay Safe and Secure

The Threat of Clop Ransomware: How to Stay Safe and Secure

| | clop, cyber threat intelligence, Ransomware, ransomware as a service, ransomware attack, vulnerability, vulnerability intelligence, Vulnerability Management, Vulnerability Remediation
Protect your organization from the re-emerging threat of Clop ransomware. Learn what Clop is, how it works, and how to prevent a potential ransomware attack. The post The Threat of Clop Ransomware: ...
Threat Intelligence Blog | Flashpoint
Load more