The wonderful world of apps can make our lives, work, and studies significantly easier. Our phones, tablets, or computers have many apps, ranging from photography, self-help, fitness, social media, and video games. However, some mobile apps are more safe than others. Although the app store rigorously tests its apps to ensure they function correctly and are free from harmful software, some third-party apps can still sneak onto the platform that can steal user data or harm their devices.

In February 2024, Lookout discovered an advanced phishing kit targeting the Federal Communications Commission (FCC), along with several cryptocurrency platforms. While most people think of email as the realm of phishing attacks, this threat actor — known as CryptoChameleon — used the phishing kit to build a carbon copies of single sign-on (SSO) pages, then used a combination of email, SMS, and voice phishing to target mobile device users.

On March 21, 2024, security researchers published a technical analysis along with a proof of concept (PoC) regarding the critical Remote Code Execution (RCE) vulnerability, CVE-2023-48788, in Fortinet’s FortiClientEMS. This vulnerability enables an unauthenticated threat actor to achieve RCE through the manipulation of SQL commands. Fortinet has stated that this vulnerability is under active exploitation. PoC exploit code is also now publicly available.

Infrastructure as code (IaC) provides an innovative approach to provisioning and managing cloud infrastructure through code, instead of doing it through manual processes. This foundational shift not only accelerates development cycles but also introduces new dimensions of risk that must be carefully managed. In this article, we'll delve into these challenges and explore strategies to secure IaC environments from potential vulnerabilities and threats. 

Does your security team have dozens of tools to manage, all with disparate user experiences, data models, and capabilities? Unfortunately, this is the result of many traditional SIEM solutions that lack the ability to integrate all features. This creates a big challenge for your SOC because analysts have to ensure they’re using the right tool at the right time to detect attacks. But today, there’s a better option.

This year’s Fierce TMF Summit took place in sunny Savannah Georgia, a city known for its ghosts. But the estimated 200 plus attendees of this year’s Summit aren’t afraid of your average ghosts and ghouls: instead, we shudder at tales of inspection findings, unruly document contributors, and other challenges in TMF management.

So, you’ve done your homework. You’ve clearly defined business requirements, and you think you want to implement a Security Information and Event Management (SIEM) solution into your organization. Cloud migration and remote work have changed the way threat actors attack, and it feels like every day you read about a new methodology. While a lot of companies added a SIEM to their cybersecurity technology stack, you’re not sure whether you can afford one.

GitHub Actions and the GitHub GraphQL API are powerful tools for automating and optimizing workflows. GitHub Actions, released in 2018 brings CI/CD directly into the GitHub ecosystem and automates general project management using YAML files. Whereas, a 2-year earlier-released GraphQL API provides a more efficient way to fetch and manipulate data.