OWASP Lead Flags Gaping Hole in Software Supply Chain Security
SBOMs aren't enough: Developers need to dig deeper into how software is built by using a process called binary source…
2023
Sweet Security Debuts Runtime Management for Cloud
Existing detection tools either provide limited functionality or aren't optimized for the cloud, Israeli startup claims.
Interpol Shuts Down African Cybercrime Group, Seizes $2 Million
Operation Jackal involved law enforcement agencies in 21 countries and yielded more than 100 arrests.
RedHotel Checks in as Dominant China-Backed Cyberspy Group
The APT has been rampaging across three continents on behalf of China's Ministry of State Security, and now claims the…
AI Risk Database Tackles AI Supply Chain Risks
The open source tool — a collaboration between Robust Intelligence, MITRE, and Indiana University — assesses heavily shared, public machine…
Why Shellshock Remains a Cybersecurity Threat After 9 Years
Nearly a decade after it was disclosed, the Shellshock vulnerability still plagues organizations. Learn how to protect yourself.
A massive campaign delivered a proxy server application to 400,000 Windows systems
Researchers discovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems. AT&T Alien Labs…
What is trap phishing? (2023)
EXECUTIVE SUMMARY: In the complex and vast landscape of cyber security, a subtle danger lurks – trap phishing. As organizations…
Alarming lack of cybersecurity practices on world’s most popular websites
The world’s most popular websites lack basic cybersecurity hygiene, an investigation by Cybernews shows. Do you happen to love exploring…
Experts devise an exploit for Apple iOS 16 that relies on fake Airplane Mode
Researchers detailed a new exploit for Apple iOS 16 that can allow attackers to gain access to a device even…