Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Being a cybersecurity practitioner 15-20 years ago sometimes made me the unpopular guy in the room. People are always excited about financial gain – opening new lines of business, developing creative and sustainable revenue streams – you know, the fun stuff. But nobody wanted to talk about cybersecurity-related financial losses at that time – especially not potential losses due to risks that very few people understood yet.

It’s Saturday morning. You’ve decided to sleep in after last night’s bender, and you can’t be bothered about the sound of your phone ringing. You decide to brush it off and go back to sleep, but the phone won’t stop ringing. You wake up and scan your surroundings. Your wife’s missing. You let the phone ring until it’s silent and bury your head in your pillow to block out the splitting headache that’s slowly building up. A single message tone goes off.

With mobile phones accounting for over 60% of website traffic in 2022, launching a mobile app in South America will be an astute decision. The future lies with smartphones and tablets, making it essential to move beyond traditional desktop solutions. But, did you know- In the first half of 2022, 10,666 ransomware signatures were found in Latin America, as against 5,400 in the last half of 2021.

KrakenLabs has developed a new naming convention that uses poisonous plants to represent the origin and criminal activities of threat actors. This approach provides a creative way to classify different types of threat actors, allowing security professionals to quickly understand the nature and behavior of the threat actor, which is helpful for identifying and mitigating threats effectively.

As a risk-based response to the continuous, and varied assaults on our systems by criminals, the PCI DSS standard requires a minimum of 20 technical scans per full year for merchants, and 21 for third-party service providers (TPSPs)

Functional testing is a critical aspect of application development, and it plays an essential role in products being built within the Java ecosystem to ensure they meet their functional requirements and work as intended for the end user. As this method of testing is heavily based on validating “functionality” (i.e., “Does this application work the way we intend it to work?”), it is essential to utilize it throughout the development process.

The most crucial component of any federated partnership is the token-signing certificates, which serve as a key validation method to guard against malicious tampering and security token fraud. These certificates employ a private/public key pairing to authenticate that a legitimate partner federation server issued a security token and confirm that the token was not altered in transit, these certificates employ a private/public key pairing.

The Federal Information Processing Standard (FIPS) is a collection of rules published by the National Institute of Standards and Technology (NIST) that outlines how to store and handle sensitive data securely. It is a fundamental security precaution that all companies must use to protect Personally Identifiable Information (PII). FIPS defines best practices for data encryption, authentication, and access control.

If you use the Azure cloud, Azure security groups should be on your radar because they’re a fundamental component of securing your resources. As we move into 2023, 63% of SMB workloads are hosted in the cloud, and cyber threats continue to increase, with 45% of breaches reportedly being cloud-based. The good news is Azure security groups act as virtual firewalls, allowing you to define and control access to your network resources, such as virtual machines, subnets, and applications.

Coping with limited resources is a common challenge for security operations teams. Whether it’s due to budget constraints, staffing shortages, or other factors, security teams often need to find ways to do more with less. Let’s talk about some strategies we can use to achieve success in this environment.