Today, we are happy to announce that Cloudflare customers can protect their APIs from broken authentication attacks by validating incoming JSON Web Tokens (JWTs) with API Gateway. Developers and their security teams need to control who can communicate with their APIs. Using API Gateway’s JWT Validation, Cloudflare customers can ensure that their Identity Provider previously validated the user sending the request, and that the user’s authentication tokens have not expired or been tampered with.

A recent great article by BleepingComputer about domain hijacking and DMARC abuse reminded me that many companies and people do not understand DMARC well enough to understand what it does and how it helps to prevent phishing. And look-alike and neglected domains challenge its protective value to unknowledgeable email recipients. This article is about how to understand and proactively use DMARC. DMARC.

As the digital age unfolds, we continue to see seismic increases — decade-to-decade, year-to-year, and even month-to-month — in the amount of data we create as well as its value to us, both individually and collectively. From medical records, financial statements, and classified government documents to transactional processing systems, customer information, social media engagements, pictures of our pets, and so much more, data is the lifeblood of modern society.

At CrowdStrike, we’re on a very simple mission: We stop breaches. It’s easy for us to make this claim but challenging to put into practice and maintain day in and day out. Still, we know with absolute confidence that nobody provides managed detection and response (MDR) better than our CrowdStrike Falcon® Complete MDR team. Why? Because we prioritize outcomes above all else, and we never leave customers stranded with extra work.

I’m thrilled to announce CrowdStrike’s agreement to acquire Flow Security, a pioneer in data security posture management (DSPM) and the industry’s first and only cloud data runtime security solution. With this acquisition, CrowdStrike is setting the standard for modern cloud security with complete real-time data protection spanning endpoint and cloud environments, delivering the only cloud data protection platform that secures data both at rest and in motion.

Android enthusiasts, your time has come. If you own a phone or tablet running Android 14 or higher, you can now save and sign in to many Android apps using passkeys.

The Kroll CTI team observed a campaign using a new malware that appears to be very similar to BABYSHARK, previously reported to have been developed and used by the APT group Kimsuky (KTA082). The malware was deployed as part of an attempted compromise that was detected and stopped by the Kroll Responder team. The activity started with exploitation of a recently addressed authentication bypass in the remote desktop software ScreenConnect, developed by ConnectWise.

As you step into 2024, do you have absolute confidence in the security of your Linux systems? The stakes have never been higher, and the risk landscape for Linux is constantly shifting – which presents an ongoing challenge to your system’s security. In 2023 alone, 282 Linux-specific vulnerabilities were added to the Known Exploited Vulnerabilities (KEV) Catalog by CISA. Employing an advanced vulnerability scanner is the next step to protecting your systems from these and other potential risks.