vulnerability
Why Pentesting-as-a-Service is Vital for Business Security
Conducting regular penetration tests (pentests) is a proactive option that identifies, evaluates and mitigates risks ...
Meta’s Threads and Your Privacy, Airline Reservation Scams, IDOR Strikes Back
In this episode, we explore the rise of Threads, a new social media app developed by Meta, which has already attracted 10 million users in just seven hours. However, there’s a catch ...
How Audits + Testing = Long-Term Savings
Compliance audits and penetration testing play an important role in assessing, correcting and strengthening an organization’s security configuration ...
MOVEit Cyberattack, The Problem with Password Rotations, Military Alert on Free Smartwatches
Several major organizations, including British Airways and the BBC, fell victim to the recent MOVEit cyberattack. We discuss the alarming trend of hackers targeting trusted suppliers to gain access to customer data, ...
US Gov’t Puts $10M Bounty on CL0P as MOVEit Fallout Continues
The U.S. State Department is offering a $10 million bounty for information related to the Cl0p ransomware gang, which is thought to be behind the MOVEit Transfer vulnerabilities ...
PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers
This month, Sonatype’s automated malicious open source and malware detection systems flagged hundreds of malicious packages, 10 of which we have analyzed in this blog post ...
The FTC’s Complaint Against Ring, Detecting Malware Infected Apps, America’s Most Cybersecure Companies
The FTC charged Ring, the Amazon-owned home security camera company, for compromising customer privacy and having inadequate security measures. Employees accessed private videos, while hackers exploited vulnerabilities and now Ring needs to ...
A Zero-Day Should Not Be a Crisis
The next time there is a zero-day sweeping the internet, your organization shouldn’t have to panic. This shouldn’t be a crisis. Instead, it should be a controlled exercise that follows a playbook ...
What Happens When an AI Company Falls Victim to a Software Supply Chain Vulnerability
On March 20th OpenAI took down the popular generative AI tool ChatGPT for a few hours. It later admitted that the reason for the outage was a software ...
The Threat of Clop Ransomware: How to Stay Safe and Secure
Protect your organization from the re-emerging threat of Clop ransomware. Learn what Clop is, how it works, and how to prevent a potential ransomware attack. ...