Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’ve made several exciting enhancements to the Nightfall platform this month, including multiple new features as well as a more streamlined user experience. Read on to learn more about what our team has been up to.

Welcome to the fourth and final part in our series on credit card fraud originating in Russia. After covering the basics of what carding is, why so much of it is perpetrated by Russian speakers, then digging deeper into how carders operate, in this part we’ll explore ways to protect yourself and your business from this pervasive financial threat. Click here to download the full report: "Inside Russian Carding" (PDF)

The Digital Operational Resilience Act (DORA) is a piece of legislation in the EU (Regulation (EU) 2022/2554) that aims to enhance the operational resilience of the financial sector.

The EU Healthcare system is under attack. Between January 2021 and March 2023, the health sector faced various cybersecurity incidents, endangering the confidential information of hospital and patient data. For the 13th year in a row, the healthcare industry reported the most expensive data breaches, averaging a cost of USD 10.93 million. This year, 40 million patients have already been impacted by data breaches, indicating that 2023 is on track to set a new record for attacks on the health sector.

Netskope Threat Labs is tracking a campaign that uses malicious Python scripts to steal Facebook users’ credentials and browser data. This campaign targets Facebook business accounts with bogus Facebook messages with a malicious file attached. The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology sectors.

Bad news first. Implementing Zero Trust is more complex than using a particular service or a product. Although definitions vary, Zero Trust is an approach to network architecture that moves security closer to user actions and away from network assets. In a 100% Zero Trust environment, no user, process or application inside a network is trusted by default.

Amerita and Pharmerica are medical companies that offer services to nursing facilities, hospitals, individuals, and seniors. These companies specialize in infusion treatments but also provide additional medical services. The companies were recently the target of a data breach that resulted in serious data losses for some of their patients. This is a major issue worth exploring, and, another example of medical information being vulnerable to attack.

Our cyber adversaries are always staying one step ahead. Threat actors love nothing more than trying out new tactics and techniques to attack targets, achieving their malicious objectives. Today, anyone is susceptible to cyber threats at practically any moment. MITRE ATT&CK is a framework that serves as a guiding light— it helps you assess your existing security measures and enhance device and endpoint security mechanisms against these evolving cyber threats.

Every year, JFrog brings the DevOps community and some of the world’s leading corporations together for the annual swampUP conference, aimed at providing real solutions to developers and development teams in practical ways to prepare us all for what’s coming next.

While ransomware continues to be a top concern for organizations, Business Email Compromise (BEC) incidents have been rising and targeting all industries. Based on the FBI’s most recent Internet Crime Report, BEC complaints outpace those of ransomware 10:1, and the losses incurred by BEC are 80 times greater than those incurred by ransomware.