Understanding CNAPP: The Only Guide You Need for Cloud-Native Security
A Cloud-Native Application Protection Platform (CNAPP) is a unified security solution that protects cloud-native applications from development to runtime. Cloud…
Security
Story of Cyberattack – Facebook Data Leak
In April 2021, the cybersecurity world was shaken by the revelation that personal data from 533 million Facebook users had…
Victims of Cybercrime that create their own demise
One of the most successful actions that cyber threat actors have historically taken is in the use of “phishing” while…
LockBit’s Onslaught and the Security Gaps That Allow It
LockBit remains one of the most aggressive ransomware groups, continuously adapting its tactics to target organizations worldwide. Despite law enforcement…
The Combined Cipher Machine
Interesting article—with photos!—of the US/UK “Combined Cipher Machine” from WWII.
The Need for a Paradigm Shift in Cybersecurity: Why Prevention-First is the Only Way Forward
For far too long, the cybersecurity industry has been playing a losing game, defined by a reactive approach. The prevailing…
CISA Identifies Five New Vulnerabilities Currently Being Exploited
Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We don’t have any details about who…
Analysis of a JavaScript-based Phishing Campaign Targeting Microsoft 365 Credentials
Written by ARC Labs contributors, John Dwyer and Eric Gonzalez ARC Labs recently discovered a JavaScript-based credential harvesting campaign leveraging…
API Specifications: Why, When, and How to Enforce Them
APIs facilitate communication between different software applications and power a wide range of everyday digital experiences, from weather apps to…
Trojaned AI Tool Leads to Disney Hack
This is a sad story of someone who downloaded a Trojaned AI tool that resulted in hackers taking over his…