Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. As much as I would like to see auditors, developers, and security analysts living in harmony like a delicious Reese’s cup, a recent gap analysis that I was part of reminded me that too often, the peanut butter and chocolate sit alone on their own separate shelves.

Google has issued a security advisory to owners of its Android Pixel smartphones, warning that it has discovered someone has been targeting some devices to bypass their built-in security. What makes the reported attacks particularly interesting is that traditional cybercriminals may not be behind them, but rather "forensic companies" exploiting two vulnerabilities to extract information and prevent remote wiping.

In today’s rapidly evolving digital landscape, the importance of low code security cannot be overstated. As organizations increasingly rely on low code development platforms to accelerate application and software development, it is crucial to understand the significance of robust security measures.

Developing applications using low code platforms has gained popularity in recent years due to its ability to accelerate the software development process. However, with increased speed and efficiency comes the need for robust security measures to protect sensitive data and ensure a safe user experience. In this article, we will explore the best practices and strategies for enhancing low code application security.

Read also: Australian hacker Abdilo extradited to the US, carders arrested in Russia, and more.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! You take a long bank holiday weekend and the (Linux) world falls apart. Ouch.

Managed service providers (MSPs) are an attractive target for cybercriminals because of the large amount of sensitive data they handle and their access to their customers' critical infrastructure. A recent survey revealed that 78% of MSPs consider cybersecurity to be their biggest challenge, which has risen considerably from 67% last year. This trend highlights how important it is for MSPs to invest in innovative cybersecurity solutions and train skilled personnel to protect against new threats.

A new string of multi-factor authentication (MFA) attacks targeting the reset of Apple IDs seem to be popping up in a likely attempt to steal the victim’s digital identity and more. A recent post on Twitter/X from entrepreneur Parth Patel outlines his experience when his phone became inundated with requests to reset his Apple ID password – to the tune of over 100.

New data shows that the attacks IT feels most inadequate to stop are the ones they’re experiencing the most. According to Keeper Security’s latest report, The Future of Defense: IT Leaders Brace for Unprecedented Cyber Threats, the most serious emerging types of technologies being used in modern cyber attacks lead with AI-powered attacks and deepfake technology. By itself, this information wouldn’t be that damning.

Imagine someone having access to all your documents, photos, and even your browsing history. It may sound like something out of 1984, but using Google’s products can be a nightmare for your privacy. Despite this, Google Drive has over 200 million active users choosing to store their files with Google. Although Google offers many features with Drive, Chrome, and YouTube, and more,this convenience comes at a cost—your privacy.