This list is often leveraged by the greater security industry as a framework to protect against common web app attacks. Unfortunately, this dynamic also provides cybercriminals with a better blueprint for designing attacks. Currently, the top known web attacks include SQL injection, directory traversal, cross-site scripting (XSS), broken authentication and session management, cross-site request forgery […]
Web applications make the digital world spin, particularly in a hyper-connected, cloud-dominant landscape. They help deliver the client-side experience most end-users know and use within their favorite browser. Everything from Office 365 and G Suite, to Salesforce and Dropbox, either delivers cloud-first interfaces or offers web versions that complement a software offering.
According to one industry study, the global IoT security market is expected to reach or exceed $35.2 billion (USD) by 2023, a spike of 33.7% based on compound annual growth rate (CAGR). As witnessed in global news headlines, concerns over IoT device security — and respective IoT security regulations — are driving the high market […]
To increase the chances of malware deploying and executing within a target environment, savvy cybercriminals use transport layer security (TLS) and secure sockets layer (SSL) encryption standards to mask their attacks from inspection by traditional security controls.
Fileless malware is a type of malicious software that exists exclusively as a memory-based artifact (i.e., in RAM). Fileless malware does not write any part of its activity to the computer’s hard drive, making it very resistant to existing computer forensic strategies that incorporate file-based whitelisting, signature detection, hardware verification, pattern analysis, time-stamping, etc.
In Australia, the head of the local intelligence agency was recruited to inform universities about cyber threats and ways of prevention. This was one of the initiatives put in place after an extremely sophisticated threat actor compromised the Australian National University (ANU) and persisted within the university’s network for months at a time.
In 2019, there was an increase in ransomware used in targeted attacks toward state, provincial and local governments, as well as large corporations. Attacks have ranged from hospitals, police stations and educational institutions to aluminum factories (Norsk Hydro, Norway) and power grids (City Power, Johannesburg). “In a modern, citizen-centric environment, successful ransomware attacks are highly […]
The shuttering of the Coinhive mining operation in March 2019 dealt a devastating blow to the nefarious cryptojacking racket that abused the service. Coinhive was not inherently malicious; it was an alternative method for websites to earn revenue instead of showing advertisements.
Mirroring how malware is being leveraged, cybercriminals are being more targeted with phishing than ever before, too. So much so, SonicWall Capture Labs threat researchers recorded a 42% decline in overall phishing volume, the third straight year the attack vector declined.
Introduction of SASE
The cybersecurity and network security solution spaces are highly segmented with an endless number of offerings and vendors. This creates a massive headache for organizations trying to smoothly integrate these solutions into their network environment.