Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Business Logic Vulnerability - Examples and Attack Prevention

Breaking into an organisation’s IT infra doesn’t always require complex methods. Hackers often exploit normal applications and API functions in unexpected ways to access sensitive data. For example, the 2019 Venmo breach involved the exploitation of an open API to scrape millions of payment records. A design oversight in the API allowed attackers to exploit its normal functions in an unintended manner—scraping payment records without proper authorization.

Another API Security Breach: Life360

Another day, another API breach in the news. The latest breach occurred on the Life360 platform, where an adversary was able to glean 400k user phone numbers, according to an article on BleepingComputer.com. Known only by their 'emo' handle, they said the unsecured API endpoint used to steal the data provided an easy way to verify each impacted user's email address, name, and phone number.

The State of SME IT in the U.S.

The United States has faced some significant economic headwinds and shifts in the last few years. Even the geographical spread of wealth in the U.S. economy has shifted considerably since the pandemic. Now, an already struggling economy is forecast to continue to slow. What does this mean for small- to medium-sized enterprises (SMEs) in the U.S.? In a recent survey, JumpCloud asked this question to over 300 IT professionals working at SMEs in the U.S. Read on to learn the results.

Areas Where Smart Elderly Care Solutions Are Making an Impact

Smart elderly care solutions have revolutionized how we support and care for older adults in today's digital world. These technologies combine the power of computers, sensors, and the internet to make life easier and safer for seniors. From wearable devices that track health to smart home systems that help with daily tasks, these innovations are changing what it means to age. They allow older adults to stay independent longer, while giving their families peace of mind.

The Industry-leading AI-Driven Security Operations Platform from Exabeam

The next time a vendor tells you “we stop all breaches” or “our AI is more effective”, ask them how they stop attacks using compromised credentials. Exabeam pioneered AI in SIEM, using machine learning-based AI for over 10 years to enable AI and automation across security operations workflows to deliver faster and more accurate threat detection, investigation, and response (TDIR).

Building Graph API Custom Plugins for Copilot for Security

As we explored the capabilities of Copilot for Security, we discovered that while the native plugins offer access to a vast array of data, they didn't cover everything we needed for some of our specific use cases and promptbooks. For instance, we wanted detailed insights into Conditional Access policies from Entra ID, Intune policies, Secure Score, and more. Although Microsoft continues to enhance the native plugins by adding new skills, we opted to develop our own custom plugins.

The Hidden Dangers and Opportunities of Generative AI: What Enterprises Need to Know

Since the launch of ChatGPT in November 2022, generative AI (genAI) has seen rapid enterprise adoption. According to researchers in the Netskope Threat Labs, as of June 2024, an astonishing 96% of organizations are using various types of genAI apps. This widespread adoption is transforming how businesses operate, but with great power comes great responsibility—and risk.