Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

France’s cybersecurity agency ANSSI has issued an alert outlining a Russian spear phishing campaign targeting French diplomats, the Record reports. The agency attributes the campaign to “Nobelium,” a threat actor tied to Russia’s Foreign Intelligence Service (the SVR).

The threat of phishing attacks looms larger than ever. The LA County Department of Public Health recently announced that 50 employees fell victim to phishing attacks, compromising sensitive patient data. These deceptive schemes have become a staple in the cyberthreat landscape, targeting individuals and businesses of all sizes. For every employee, understanding the signs and consequences of a phishing attack is crucial to safeguarding their organization.

Container security is crucial in the age of microservices and DevOps. Learn about common container vulnerabilities, container security scanning, and popular tools to secure your containers in this comprehensive guide.

As developers, we often have to work with REST APIs when we integrate with third-party systems or connect between frontend and backend systems at work. APIs, and REST APIs in particular, are a fundamental part of modern web applications, allowing us to create, read, update, and delete data over HTTP. However, as with any technology, they come with their own set of security challenges. Let's break these challenges down and understand how to secure REST API applications.

In 2023 alone, there were over 3,200 reported cyberattacks, with over 350 million victims in the United States. That’s not to mention the undetected or failed attacks by these cybercriminals, both external and internal, to get access to sensitive data and customers’ Personal Identifiable Information (PII).

Managing vulnerabilities can feel like the end of the first act of Les Misérables as you sing to yourself, “one day more, another day another vulnerability.” Like Jean Valjean, you attempt to put up barricades to protect your environment from attackers exploiting these security weaknesses. Keeping pace with the number of vulnerabilities and threat actor activities becomes overwhelming, leaving you to feel outnumbered and outmanned.

Here’s what you need to know about the progression of the Polyfill supply chain attack and how to respond.

Accessing passkeys from multiple devices can be a hassle if you don’t use a passkey manager since they’re tied to the device on which they’re generated. This means you’d have to create a passkey on multiple devices or scan a QR code to access a passkey from devices that use different Operating Systems (OS). This is inconvenient, which is why you should consider investing in a password manager to store and manage your passkeys.

In 2023, identity theft and fraud reached significant levels, with various reports highlighting the extensive impact on consumers and businesses. The Federal Trade Commission (FTC) reported that consumers lost more than $10 billion to fraud, marking a 14% increase from the previous year. Identity theft remained a pervasive issue, with nearly 560,000 cases reported in the first half of 2023 alone.

Increasing your online customer base might seem beneficial, but is it always advantageous for your business? Our guide aims to help you identify and understand customers who might pose long-term challenges, commonly referred to as high-risk customers. Financial institutions, such as banks, must adhere to regulations that require thorough customer screening to prevent fraud and money laundering.