While the attack needed for such a single-click account takeover would be complex, the research by Frans Rosén, Security Advisor at Detectify, discovered that some of the most popular consumer and business websites in the world currently are not following the OAuth specification best practices and thus are vulnerable to the attack chain. Rosén recently undertook extensive research on how OAuth tokens could be stolen.

CI/CD pipeline attacks are a growing threat to enterprise security. In this article, we’ll provide an overview of CI/CD for non-developers, discuss the cybersecurity issues involved, and offer some recommendations for developers, companies, and security teams.

Cyberattacks often target the retail sector, although many of these threats are aimed at the e-commerce channel, businesses have also reported incidents where in-store Wi-Fi access points and even IoT devices are exploited as attack vectors. This is reflected in several studies, which reveal that, together with the education sector, the fashion industry was one of the hardest hit last year and 60% of retail companies are at risk of suffering an attack.

The attack surface is inevitably going to grow. That’s why we believe it’s crucial for customers to not only know what assets they are exposing online, but knowing to what extent assets are exposed on their attack surface. Previously, it wasn’t possible to filter the attack surface view by state (you can read more about state here). This limitation made it difficult to assess some Internet-facing assets, such as those that were resolving DNS records with no reachable IPs.

Monero (XMR) is an open-source, privacy-oriented cryptocurrency that was launched in 2014. It uses a public distributed ledger containing technology that obscures transaction details to ensure the anonymity of its users. Monero maintains egalitarian mining, allowing anyone to participate. As tempting as it may seem, some go a step further and use the infrastructure of others to participate in mining. Cryptocurrency mining was originally performed using CPUs, and Monero was no different.]

Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. Previous CrowdStrike blog posts have covered critical vulnerabilities in NTLM that allow remote code execution and other NTLM attacks where attackers could exploit vulnerabilities to bypass MIC (Message Integrity Code) protection, session signing and EPA (Enhanced Protection for Authentication).

Containers revolutionized how we build, deploy, and run applications with increased speed, agility, and scalability. But, as often happens with transformative technologies, they require an evolution to security strategy. Centralized deployments inside a protected perimeter gave way to continuous and distributed deployment of containers, creating a growing, dynamic, and distributed attack surface. IT and security teams were left blind and exposed in the cloud.

Cyber attacks and data breaches are top of mind for businesses around the world as attacks on vulnerable networks persist. It is now more important than ever to ensure cybersecurity and resilience. But how do these two practices differ? This blog highlights the differences between cybersecurity and cyber resilience and how to secure your business for optimal cyber protection.

Network security is of the utmost importance when it comes to protecting servers. An organization's servers contains a lot of sensitive data (e.g., clients’ personal data) that can greatly harm your business in the blink of an eye if compromised. One of the most common yet often undetectable ways the security of your servers can be compromised is cache poisoning. It is crucial to be aware of what cache poisoning is, how it works, why it is so dangerous, and how you can prevent becoming a victim.