Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you mention data leakage to most people, they may think that it sounds like a problem for a plumber, but the phrase “data leak” has specific and troubling concerns for a business. Data leakage is a particular security threat, and there are many sources for data leaks.

Starting today, Cloudflare’s API Gateway can protect GraphQL APIs against malicious requests that may cause a denial of service to the origin. In particular, API Gateway will now protect against two of the most common GraphQL abuse vectors: deeply nested queries and queries that request more information than they should.

Security Testing is a crucial step in the application development process. So, how about we say you can have a dedicated environment to test your app for potential threats such that the attached malware cannot spread, access, or modify the rest of your system's files, resources, and settings? Pretty lucrative, right? Application Sandbox and isolation technique is the holy grail of application security.

Japan, known for its innovation and efficiency, is a globally recognized industry leader. This puts Japan-based organizations at risk of being recognized as potentially valuable targets by both criminally motivated and targeted cyber adversaries.

A month ago, Google released eight new top level domains (TLD). Two of them (.zip and.mov) have been a cause for concern because they are similar to well known file extensions. Both.zip and.mov TLD are not new, as they have been available since 2014. The main concern is that anyone now can own a.zip or.mov domain and be abused for social engineering at a cheap price. Because both of these TLDs are indistinguishable from the file extensions, they can be a great bait for threat actors.

Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

For the 23rd year, Techno Security & Digital Forensics Conference East brought practitioners from law enforcement, academia, and security industry pros to learn from each over.

On June 9, 2023, Progress released a security advisory detailing newly discovered SQL injection vulnerabilities impacting the MOVEit Transfer web application and Cloud. The vulnerabilities are distinct from CVE-2023-34362, which was actively exploited by Clop Ransomware to exfiltrate data and extort compromised organizations. Although distinct, the vulnerabilities result in nearly identical unauthorized access where threat actors could modify or disclose MOVEit database content.

Here at Tines, we’re laser-focused on listening to our customers and being the solution they need. It’s why Tines was created in the first place — to be the solution our founders needed but couldn’t find, so they built it themselves. In the same vein, we heard from our customers that they wanted a place to collaborate and track incidents, analyze them, and use the data to build even better automated workflows. Enter cases. Cases offer a space for your team to collaborate.