Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I predict that 2023 will be the year of Passkeys. Passkeys are a new passwordless authentication method allowing users to create online accounts and sign in without entering a password. Passkeys have been years in the making and finally, industry fido alliance collaboration (fido2) and the adoption between Apple, Microsoft, and Google have now made it a reality. Passkeys leverage the WebAuthn API to let users log into various websites and applications.

The need for fast incident response is a given. No industry professional would deny how critical a rapid response is when dealing with a cyber threat and an incident. However, it is equally important to understand that the quickest response is not always the best in cybersecurity. Security operations centers (SOCs) and organizations must factor in other variables, too, when preparing for the inevitable, as recent cyber stats suggest.

Google Cloud Provider (GCP) Filestore is a good place to keep lots of rich, unstructured data, such as graphic designs, video editing files, and other media workflows that use files as input and output. Having GCP Filestore backups enables users to protect themselves against the rare case of inaccessibility, accidental changes, ransomware attacks, or other types of disasters.

Mobile device use is pervasive, and has eclipsed traditional computing. We often hear how various malicious mobile apps are released into circulation. For these reasons, mobile app development needs to focus on cybersecurity just as much as it does on functionality and flexibility, if not more so. It’s an inevitable aspect of app development that must be taken more seriously, as the very real threats to business proliferate.

It's time for you and your colleagues to become more skeptical about what you read. That's a takeaway from a series of experiments undertaken using GPT-3 AI text-generating interfaces to create malicious messages designed to spear-phish, scam, harrass, and spread fake news. Experts at WithSecure have described their investigations into just how easy it is to automate the creation of credible yet malicious content at incredible speed.

Cyberattacks have never been more common than they are now. This is particularly true as the world starts to recover from the pandemic and moves toward a more cloud-based approach. Did you know that 54% of businesses were victims of cyberattacks in the past year? And 75% reported increased security incidents, most frequently caused by identity thefts, ransomware,

A thriving hacker has been found to be posting a college database showcasing it to be a breach. This happened to one of the colleges in the southern region of India, Kerala. Necessary measures have been taken to keep them up to date! The college’s information was found to be floating around on the Dark Web. These data seem to be highly sensitive. These data could be acquired by any human being for just a few thousand.

APT hackers turn to malicious Excel add-ins as initial intrusion vector, PurpleUrchin bypasses CAPTCHA and steals cloud platform resources, and Russia’s Turla APT piggybacks on other hackers’ USB infections.

A shared object refers to the code, which is shared across different programs instead of being replicated manually for each program. Here, the permanent shared objects are the codes that are bound to remain active in the system’s memory even after the program is over. The main purpose of creating the permanent shared objects is to ensure that these codes are stored in the memory and can be re-used multiple times as and when required.

Third party risk assessment is the process of evaluating and managing the risks associated with engaging third parties. It involves identifying, assessing, and mitigating potential risks that could arise from working with external vendors or partners. The goal of this type of assessment is to ensure that any risks posed by these relationships are minimized or eliminated altogether.