Blog - Cyber Security Informer

How Thales and Red Hat Protect Telcos from API Attacks

Thales Cloud Protection & Licensing

FEBRUARY 21, 2024

How Thales and Red Hat Protect Telcos from API Attacks madhav Thu, 02/22/2024 - 04:55 Application programming interfaces (APIs) power nearly every aspect of modern applications and have become the backbone of today’s economy. What are APIs? What are Telcos particularly vulnerable to API attacks?

Encryption

Encryption Mobile Government Consumer Protection

GUEST ESSAY: Why online supply chains remain at risk — and what companies can do about it

The Last Watchdog

JUNE 30, 2021

So what does the average modern website look like? More than 70 percent of the content that loads on an end user’s browser does not come from the website’s server at all. Let’s discuss how the SolarWinds hack relates to a regular website supply chain. Supply chain attack tactics. Controls and guardrails.

Risk

Risk Architecture Hacking Media

How Thales and Red Hat Protect Telcos from API Attacks

Security Boulevard

FEBRUARY 21, 2024

How Thales and Red Hat Protect Telcos from API Attacks madhav Thu, 02/22/2024 - 04:55 Application programming interfaces (APIs) power nearly every aspect of modern applications and have become the backbone of today’s economy. What are APIs? What are Telcos particularly vulnerable to API attacks?

Encryption

Encryption Mobile Government Consumer Protection

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A 2022 Year-end Recap on Cloud Threats

Security Boulevard

DECEMBER 28, 2022

However, while the fundamental TTPs have not shifted, what we have seen is an evolution in long-chained attacks – where more traditional techniques such as social engineering have been combined with cloud misconfigurations and over-privileged identities – resulting in more impactful breaches for organizations.

Social Engineering

Social Engineering Software Engineering Risk

5 Tips to get Better Efficacy out of Your IT Security Stack

Webroot

MAY 25, 2021

Especially in terms of cybersecurity, efficacy is something of an amorphous term; everyone wants it to be better, but what exactly does that mean? And how do you properly measure it? What else can you do? Here are our top 5 tips for getting the best possible efficacy out of your IT security stack.

Phishing

Phishing DNS Backups Cyber threats

SOCwise Series: Practical Considerations on SUNBURST

McAfee

FEBRUARY 4, 2021

This blog is part of our SOCwise series where we’ll be digging into all things related to SecOps from a practitioner’s point of view, helping us enable defenders to both build context and confidence in what they do. . And lastly, they’ll cover best practices, hardening prevention, and early detection. .

DNS

DNS Firewall Accountability Technology

PCI Audit – Checklist & Requirements

Centraleyes

DECEMBER 17, 2023

What is a PCI Audit? Understand the controls that make up the PCI DSS and plan your compliance journey with our PCI DSS checklist found below. What’s New? Here’s a quick tour of what’s new: PCI DSS 4.0: How Long Does a PCI Audit Take? Key Modifications PCI DSS 4.0

Passwords

Passwords Computers and Electronics Software Risk

Threat Intelligence and Protections Update Log4Shell CVE-2021-44228

McAfee

DECEMBER 22, 2021

Log4j/Log4shell is a remote code execution vulnerability (RCE) in Apache software allowing attackers unauthenticated access into the remote system. Should the vulnerability be present, an attacker might run arbitrary code by forcing the application or server to log a specific string. Threat Summary. Resource Hijacking – T1496 (impact).

Malware

Malware Risk Internet Internet

Anti-Scraping Part 2: Implementing Protections

NetSpi Technical

JULY 13, 2023

Continuing our series on Anti-Scraping techniques, this blog covers implementation of Anti-Scraping protections in a fake message board and examination of how scrapers can adapt to these changes. Hardening the Application Multiple changes have been made to the Fake Message Board site to try and prevent scraping.

Accountability

Accountability Authentication Passwords VPN

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

For a brief overview please see our summary blog here. What are Infusion Pumps? What Security Research has Already Been Performed? What are infusion pumps? What security research has already been performed? What are Infusion Pumps? What Security Research has Already Been Performed? Table of Contents.

Computers and Electronics

Computers and Electronics Authentication Software Risk

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in Bash code two-decades old. How could open source software be vulnerable for so long? The password protected password file clearly was not secure. So I reported this flaw to the vendor … and the response was not what I expected.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in Bash code two-decades old. How could open source software be vulnerable for so long? The password protected password file clearly was not secure. So I reported this flaw to the vendor … and the response was not what I expected.

Software

Software Passwords Internet Internet

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

Daniel Clemens, CEO of ShadowDragon, talks about his more than two decades of digital investigations, from the origins of the Code Red worm to the mass shooter in Las Vegas, with a fair number of pedophiles and human traffickers identified as well. VAMOSI: How do you find a suspect in a criminal case? You find clues. They could.

Hacking

Hacking Media InfoSec Internet

LockBit is back and threatens to target more government organizations

Security Affairs

FEBRUARY 25, 2024

Last week, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. The NCA also obtained the source code of the LockBit platform and a huge trove of information on the group’s operation, including information on affiliates and supporters.

Government

Government Hacking Cryptocurrency Penetration Testing

Cyber Security Informer

How Thales and Red Hat Protect Telcos from API Attacks

GUEST ESSAY: Why online supply chains remain at risk — and what companies can do about it

Webinars

Trending Sources

How Thales and Red Hat Protect Telcos from API Attacks

Webinars

A 2022 Year-end Recap on Cloud Threats

5 Tips to get Better Efficacy out of Your IT Security Stack

SOCwise Series: Practical Considerations on SUNBURST

PCI Audit – Checklist & Requirements

Threat Intelligence and Protections Update Log4Shell CVE-2021-44228

Anti-Scraping Part 2: Implementing Protections

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

The Hacker Mind Podcast: Hacking Real World Criminals Online

LockBit is back and threatens to target more government organizations

Stay Connected