SQL injection, XSS vulnerabilities continue to plague businesses
Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies.
Stories by John P. Mello Jr.
-
-
SolarWinds creates new software build system in wake of Sunburst attack
Lessons learned from software supply chain breach lead to innovative and secure development scheme.
-
Open source software risks persist, according to new reports
Companies are still struggling to gain confidence in the security of their open source projects, but shifting security earlier in the development process shows promise.
-
12 months on, how the Colonial Pipeline attack has changed cyber security
On the one-year anniversary of the Colonial Pipeline attack, industry insiders reflect on the event's effect on cyber security practice and perception.
-
New Linux-based ransomware targets VMware servers
Researchers at Trend Micro have discovered some new Linux-based ransomware that's being used to attack VMware ESXi servers.
-
CISOs worried about material attacks, boardroom backing
CISOs are also less concerned about ransomware attacks, but many says their organisations are still not properly prepared for them.
-
Threat hunters expose novel IceApple attack framework
Suspected state-sponsored threat actor uses IceApple to target technology, academic and government sectors with deceptive software.
-
Wrongly configured Google Cloud API potentially creates dangerous functionality
Misconfiguration of the Google Cloud Platform API could create an exploitable behaviour that leads to service compromise.
-
Cryptomining botnet targeting Docker on Linux systems
LemonDuck, a well-known cryptomining botnet, is targeting Docker on Linux systems to coin digital money, CloudStrike has reported.
-
Bitdefender becomes latest vendor to enter native XDR market
Bitdefender has thrown its hat into the extended detection and response (XDR) ring with a native offering under the banner of GravityZone XDR.
-
Upstart crime site woos Raid Forums orphans
A new crime site for hackers is positioning itself as an alternative to Raid Forums, a popular watering hole for threat actors before it was taken down in February.
-
ESET refreshes enterprise products, embraces XDR
ESET has announced changes to its cyber security product line which includes an auto-update, brute-force protection, and Android web control.
-
Malware detections surge from 'COVID bounce'
A year after pandemic peak, malicious threats to businesses and consumers rose above pre-virus levels, especially for mobile devices.
-
ExtraHop adds heat map to AWS cloud-native security solution
Cloud-native security provider ExtraHop has added heat-mapping capabilities to its Amazon Web Service flagship cyber solution product.
-
Forcepoint One combines zero trust and SASE under a single umbrella
A new platform aimed at reducing the need for multiple security vendors to protect an organisation's digital assets has been unveiled by Forcepoint.
Events
ARN Innovation Awards 2022
Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.
EDGE 2022
EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.
Brand Post
Two-Thirds Of Businesses Need Help To Establish Better Hybrid Work Environments – This Is An Opportunity For The Channel
Sponsored By
