Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every software we use consists of instructions in the form of computer codes that dictate how computers behave or perform certain tasks. But not all software is designed to make our lives easier. Malware, a portmanteau of the words malicious and software, is specifically designed to help hackers gain access to, steal information from, or damage a computer. Oftentimes, all this happens without the knowledge of the computer user themselves. Until it’s too late, that is.

It’s the news everyone’s been waiting for: Teleport’s version 11 release! This release is packed with features from SFTP support all the way to GitHub Actions Machine ID compatibility. Let’s dive in!

Historically, the hospitality industry in India did not devote considerable resources to fraud prevention, but this is changing. The scope of fraud in the hospitality industry is becoming more popular, and the Indian hospitality sector must implement tactics and technologies to mitigate these risks.

BlackCat (a.k.a. ALPHV and Noberus) is a Ransomware-as-a-Service (RaaS) group that emerged in November 2021, making headlines for being a sophisticated ransomware written in Rust. It has both Windows and Linux variants and the payload can be customized to adapt to the attacker’s needs. BlackCat is also believed to be the successor of the Darkside and BlackMatter ransomware groups.

Security teams must defend their organizations against both known and unknown threats. With attackers continually targeting existing security tooling, being able to unlock automated research-grade insights across your data allows you to identify threats and their variants that may have evaded detection elsewhere in your technology stack.

TLS, or transport layer security, is a protocol used across the globe to encrypt and secure communication over the internet. In this article, we’ll discuss what TLS is, what benefits it provides, and why you need it. Then we’ll walk through implementing TLS in Java.

It’s no surprise that cyberattacks are skyrocketing. Report after report indicates they’ve exploded in recent years as cybercriminals take advantage of the rapid proliferation of endpoints, growing reliance on digital devices, and shift toward remote and hybrid work. However, as the number of attacks increases, the types of attacks remain surprisingly simple. You guessed it. They’re still going after passwords, credentials and secrets.

We live in the 21st century, where now kids are able to access the internet on their own from as early as 8 years old. Today’s youth are often called “digital natives” because they are so comfortable with living online. But as much as we may admire their proficiency with their devices, we shouldn’t forget that security is probably not top of mind.

On November 8th, 2022, Citrix disclosed a critical authentication bypass (CVE-2022-27510), a remote desktop takeover (CVE-2022-27513), and a user login brute force protection functionality bypass (CVE-2022-27516) vulnerability affecting several versions of Citrix ADC and Citrix Gateway. This bulletin only applies to customer-managed Citrix ADC and Citrix Gateway appliances as Citrix-managed cloud services are not affected. A threat actor could leverage these vulnerabilities in specific circumstances.

On November 8, 2022, Microsoft published their November 2022 Security Update and patched six actively exploited vulnerabilities. The vulnerabilities impact Windows and Exchange Server.