SQL server attacks are one of the most painful attacks organizations can suffer. An organization’s database is one of its softest spots, with a wide surface area susceptible to attacks. This results in it being an attractive target of attackers. Neglecting your organization’s SQL server security is equivalent to having a bomb ticking in your organization’s IT infrastructure.

Distributed denial of service (DDoS) attacks have consistently been a chief concern of security teams. However, common misconceptions still exist. Some view that DDoS attacks are merely nuisances or inconveniences – that they are volumetric and straightforward to defend against – and that the DDoS defenses most organization use today are fully capable of rendering these threats obsolete.

Subdomain takeovers pose a significant and often overlooked threat to website security. In today's digital age, almost every business has a website to promote, inform, and provide resources to visitors. Websites that use multiple subdomains risk exposing themselves to cyberattacks. Subdomain takeovers can lead to data breaches and reputational damage. However, these risks can be minimized with the right strategies, and your organization can stay protected.

Welcome to the third DDoS threat report of 2023. DDoS attacks, or distributed denial-of-service attacks, are a type of cyber attack that aims to disrupt websites (and other types of Internet properties) to make them unavailable for legitimate users by overwhelming them with more traffic than they can handle — similar to a driver stuck in a traffic jam on the way to the grocery store.

When it comes to cybersecurity in Asia today, some of the key threats that organizations face – like ransomware and phishing – are consistent risks that all cybersecurity teams are surely familiar with. But others are more fluid and may evolve rapidly. Cyberattacks related to hacktivism, for example, are a growing threat in the APAC region, and generative AI technology is also impacting Asia cybersecurity challenges in novel ways.

In recent years, there has been a major ongoing trend toward more digital infrastructure and an increased dependence on technology across a wide variety of sectors. In the property industry, this has manifested heavily in the growth of the property technology (PropTech) market. These developments have had a serious impact on the sector, enabling advances that both improve existing processes and add new features to real estate transactions.

In today’s world of limited time, we need to be laser-focused on our priorities. This goes double for mission-critical activities, like cybersecurity. We want to prioritize fixing the issues that have the most significant impact on our security posture. An attack path is like a roadmap for attackers, outlining the steps they can take to exploit security weaknesses.

OAuth (Open Authorization) is one of the fastest adopted technologies in the AppSec domain. From its first introduction in 2006, as an attempt to introduce a standard authorization protocol, it has become one of the most popular protocols for both user authorization and authentication, and it’s being used by almost every major web service and website today. One of the reasons for its huge popularity is its ease of implementation.

The October 2023 Okta breach is the latest example in a long line of third-party identity attacks. Based on reports to date, it seems that the attack on Okta’s support case management system enabled a threat actor to launch downstream attacks into other companies. So far, 1Password, BeyondTrust and Cloudflare have publicly confirmed they were targeted. Such attacks don’t discriminate and pointing fingers is unproductive.

Okta, a provider of identity and authentication management services, reported that threat actors were able to access private customer data by obtaining credentials to its customer support management system. According to Okta’s Chief Security Officer, David Bradbury, the threat actor had the capability to view files uploaded by specific Okta customers in recent support cases.