Logging was once just a best practice to help you understand what's happening inside your applications. Now, any security expert worth their salt will tell you that you can’t build a security plan without it. As a result, organizations have turned to specialized logging tools like Log4J to strengthen their application security. This move has proven highly effective, with cyberattack risks on businesses dropping from 44% in 2022 to 34% in 2023.

Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to launch Windows Explorer and trick users into installing the malware. “Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows search functionality embedded in HTML code to deploy malware,” the researchers state.

To qualify for cybersecurity insurance, organizations must implement strong access controls, have an incident response plan, use Multi-Factor Authentication (MFA), provide employees with security training, regularly perform penetration tests and use encryption to protect sensitive data. Continue reading to learn more about the six cyber insurance requirements and how your organization can meet them.

Security-Enhanced Linux (SELinux), initially known for its perceived complexity in configuration and maintenance, has evolved into an indispensable security architecture across most Linux distributions. It empowers administrators to finely control the actions permitted to individual users, processes, and system daemons, thereby bolstering defense against potential security breaches.

Every day, in a high-stakes race against the clock, protectors must hunt down and stop threats before damage is done. As adversaries work faster and smarter, protectors must operate with greater agility. But legacy SIEMs are holding them back. Designed decades ago when log volumes and adversary speed were a fraction of what they are today, legacy SIEMs hinder investigations with agonizingly slow search speeds.

With 86% of UK adults using a form of online or remote banking and high street banks closing in record numbers, banking websites have become an integral part of our daily lives. They have changed how we manage our money, allowing us to send and receive money from anywhere in the world, open or close accounts at the click of a button (or tap or a screen), and avoid queuing in physical banks. They have also transformed the UK's criminal landscape.

It had already been a challenging few weeks for Live Nation Entertainment, Inc. as they faced down a lawsuit from The Justice Department regarding anti-competitive practices. Things got worse at the end of May when a cybercriminal known as “SpidermanData” claimed to have breached a huge database of 560 million records (including personal and financial data) belonging to TicketMaster Entertainment, LLC – a Live Nation company.

We’re excited to announce that the Snyk Language Server (LS for short) can now be integrated with your existing IntelliJ IDEs.

In 2023, the FBI’s Internet Crime Complaint Center (IC3) received 21,489 BEC complaints with adjusted losses over $2.9 billion USD, according to their 2023 Internet Crime Report. By way of comparison, ransomware, the cyber attack that grabs all the headlines and keeps IT and security teams up at night, accounted for only 2,825 complaints, with adjusted losses of less than $60 million USD.