Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In iOS app security, the ability to seamlessly blend static and dynamic analysis capabilities is paramount. One tool that stands out in this domain is r2frida. This unique tool combines the robust binary analysis functionalities of Radare2 with the dynamic instrumentation features of Frida, creating a potent toolkit for dissecting iOS applications and fortifying their security posture.

In today’s era of technological innovation, devices, networks and data are interconnected in a vast digital ecosystem. What organizations build in this ecosystem can affect others in it — for better or worse. We are at an inflection point when it comes to systemic challenges to the resiliency of our digital ecosystem and public policy solutions needed to address them.

The interconnected nature of our digital economy requires a shift in how companies think about their cyber risk. Companies need to consider the broader system and how to build mutual support with their entire cyber ecosystem– customers, partners, and vendors. Yet, today, most companies still rely on manual vendor onboarding, monitoring, and point-in-time external security reports to manage supply chain cyber risk – even top Fortune 500 companies.

In November 2023, the Cybersecurity & Infrastructure Security Agency (CISA) published guidance for addressing vulnerability CVE-2023-4966, affecting Citrix NetScaler ADC and NetScaler Gateway. This vulnerability is also known as Citrix Bleed.

It might surprise you to know that more than 70 new vulnerabilities are published every day. And despite their risk-reducing value in helping SOC teams address these, vulnerability management solutions have drawbacks. Often, they only provide a snapshot of an organization’s vulnerabilities at a point in time. In fact, owing to their nature, vulnerabilities identified today may not exist tomorrow, or they may appear and disappear intermittently.

When it comes to sharing files and resources over a network, two popular protocols that often come to mind are NFS (Network File System) and SMB (Server Message Block). Both protocols have their own strengths and weaknesses, and choosing the right one for your needs can make a big difference in terms of performance, security, and ease of use.

Misconfigurations and container image vulnerabilities are major causes of Kubernetes threats and risks. According to Gartner, more than 90% of global organizations will be running containerized applications in production by 2027. This is a significant increase from fewer than 40% in 2021. As container adoption soars, Kubernetes remains the dominant container orchestration platform.

In the digital age, where technology has become indispensable, cybersecurity has become a crucial issue for organizations. Investment in security tools to protect digital assets is increasing; however, the biggest threat often lies in an unexpected factor – human error. Phishing campaigns, weak passwords, or accidental data leaks can put even the most fortified network at risk.

A new phishing campaign is exploiting the eSignature platform Yousign. There have been plenty of phishing attacks that leverage legitimate platforms to help establish credibility with security solutions – including online email services, web hosting, payment processors and more.

A phishing campaign is spreading the DarkGate malware using new techniques to evade security filters, according to researchers at Cisco Talos. “The DarkGate malware family is distinguished by its covert spreading techniques, ability to steal information, evasion strategies, and widespread impact on both individuals and organizations” the researchers explain.