Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over 75% of all cybercrimes primarily target web applications and their vulnerabilities. Attackers focus on exploiting weaknesses such as design flaws, vulnerabilities in APIs, open-source code, third-party widget issues, and access control problems. A recent study predicts that all this cybercrime will cost a massive $5.2 trillion by 2024 across all industries. How do you protect your web application from all the risks out there? Here is a go-to web app security checklist to get started.

It has been a distinct honor to be a part of the Corelight team that helped defend this year’s Black Hat events. I started the event season in the Network Operations Center (NOC) at Black Hat Asia, and then capped it off at Black Hat in Las Vegas. In this blog I’ll share my experience and learnings from participating in both NOCs.

Microsoft is tracking a cybercriminal group called “Octo Tempest” that uses threats of violence as part of its social engineering and data theft extortion campaigns. “Octo Tempest is a financially motivated collective of native English-speaking threat actors known for launching wide-ranging campaigns that prominently feature adversary-in-the-middle (AiTM) techniques, social engineering, and SIM swapping capabilities,” the researchers write.

Continued analysis of ransomware attacks shows an upward trend in the number of attacks, with September resulting in the highest number of assaults so far this year. IT security vendor NCC Group’s Cyber Threat Intelligence Report for September 2023 shows some startling revelations about why ransomware attacks are spiking.

In the rapidly evolving landscape of technology and data-driven decision-making, machine learning has emerged as a powerful tool to gain insights, optimize processes, and drive innovation. Machine learning, a subset of artificial intelligence, involves building models that can analyze data and make predictions. These models can unlock valuable insights and opportunities, making them a potent growth lever for organizations across various industries.

On Monday, October 30, President Biden signed the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence — the longest in history at 117 pages. The executive order (EO) aims to advance and regulate artificial intelligence (AI) in the US. This landmark order pulls together a number of priorities that influence not just the AI industry, but also society at large.

While the days of swashbuckling pirates terrorizing the seven seas may be long gone, modern data pirates abound in the vast cyber seas. They set out to steal your company’s crown jewels – data. Today’s document management systems are filled with treasure ready for the taking, from personal data to credit cards and intellectual property worth billions. But beware, your motley crew can pose just as significant a risk as the pirates roaming the cyber seas.

Securing your software supply chain is crucial for ensuring the integrity and security of the software you develop and deliver. Here are the top 8 security best practices for a secure software supply chain.

‍ The global economic situation is far from encouraging. The IMF’s World Economic Outlook predicts growth will again fall by 3% in 2024 as central banks continue to fight inflation. Businesses throughout all industries are expected to tighten their budgets for the upcoming year, scrutinizing and slashing spending across departments. ‍ At the same time, recent research reveals that the global cost of cyber attacks is expected to reach $10.5 trillion annually.

As Cybersecurity Awareness Month 2023 draws to a close, we wanted to highlight some tips to keep in mind for the rest of the year, and beyond. In case you’ve missed it, we’ve been running a series of videos on our LinkedIn page throughout the month of October highlighting tips from members of our internal security team on topics like password sharing, keeping personal identifiable information safe, and maintaining good cyber hygiene.