Application security is the process of developing and testing the security features of applications to prevent security vulnerabilities against threats such as unauthorized access or modification.
Germany tells consumers to stop using Kaspersky anti-virus products, OSINT reveals a secret government department (with help from an Apple AirTag), and the UK says it's taking a hard line on cyberflashing.
Why outsource cyber security?
Cyber security is rarely an organisation’s primary focus. Treated as an afterthought, cyber protection is usually left to an IT department already busy with the day to day running of a business: too busy, in fact, to give it the time and expertise it needs
In a world plagued by constantly evolving cyber threats, outsourcing cyber security to an MSSP is a smart decision for any business.
The most famous policeman in Nigeria is in hot water over his links to Hushpuppi, has your Amazon Echo been talking to itself, and can an AI girlfriend save your marriage?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Why might Russian EV chargers be displaying an anti-Putin message? Why are Telegram groups sharing sharing explicit images of women without their consent? And who is watching you in the workplace?
The list is composed of 31 targets including Russian critical infrastructure, government agencies, banks, and hosting providers. Ukraine’s Minister for Digital Transformation Mykhaylo Fedorov called for this action to fight against Russia on the cyber front. A Telegram channel was used to coordinate the efforts and plan the cyber-attacks that will be conducted by the IT Army.
Picture of the Week. The "UpdraftPlus" WordPress Plug-In. "Xenomorph" Decrypting "The Hive" Un-Pixelating redacted text. No Internet For You!! If at first you don't succeed... Ukrainian DDoS Attacks. The Bobiverse trilogy. SpinRite News. A BGP Routing Attack.
Following up on a story we brought you last week, Anne Neuberger, deputy national security adviser for cyber and emerging technology has stated that Russia was behind recent DDoS disruptions of Ukrainian government and banking websites last week. Neuberger said the U.S. has “technical information” that shows digital infrastructure belonging Russia’s main intelligence directorate, the GRU, “transmitting high volumes of communication to Ukraine-based IP addresses and domains.”
Over the past decade or so, many organizations have built their networks totally from infrastructure in the cloud, without a traditional data center architecture. Or they’ve built their networks dominantly in the cloud, with some on-premises infrastructure. Either way, instead of having all networking traffic routed through a centralized on-premises location and then to the cloud or Internet, these companies from day one took advantage of massive cost and operational efficiencies by directing applications and services to run directly through cloud environments.
Picture of the Week. A high-severity 0-day in Chrome. Apple updates against another 0-day. CISA thinks this Apple vulnerability is quite serious. Which brings us back to "SeriousSAM" as it's being called.
The 49ers confirmed the attack in a statement to BleepingComputer and said it caused a temporary disruption to portions of their IT network. While the team organization did not confirm whether hackers had successfully deployed the ransomware, they said they are still in the process of recovering systems, indicating that devices were likely encrypted. The leaked data is a 292MB archive of files that the threat actors say are stolen 2020 invoices from the 49ers’ network.
Sign up to our newsletter for the latest Cyber Security news and resources.