XSS

Web Application Attacks Intensify in Fourth Quarter of 2023, According to New Edgio Quarterly Attack Trends Report

Retrieved on: 
Thursday, February 22, 2024

Edgio (NASDAQ: EGIO), the platform of choice for speed, security, and simplicity at the edge, found that web application attacks continued to increase and evolve in the fourth quarter of 2023, as reported in its new Edgio Quarterly Attack Trends Report in which the company analyzed 5.2 billion attack requests.

Key Points: 
  • Edgio (NASDAQ: EGIO), the platform of choice for speed, security, and simplicity at the edge, found that web application attacks continued to increase and evolve in the fourth quarter of 2023, as reported in its new Edgio Quarterly Attack Trends Report in which the company analyzed 5.2 billion attack requests.
  • Unmitigated attacks can lead to even more serious consequences, such as the deployment of ransomware or other malicious software.
  • “As one of the leading edge-computing providers, Edgio has unparalleled visibility into the threats facing web applications today,” said Tom Gorup, Vice President of Security for Edgio.
  • “We are assembling our knowledge and expertise into a quarterly read-out to enable enterprises to better protect their web infrastructure and applications.

Akto Launches World's first proactive GenAI security testing solution

Retrieved on: 
Tuesday, February 13, 2024

Akto, a leading API Security company, is proud to announce the launch of its revolutionary GenAI Security Testing solution.

Key Points: 
  • Akto, a leading API Security company, is proud to announce the launch of its revolutionary GenAI Security Testing solution.
  • This cutting-edge technology marks a significant milestone in the field of AI security, making Akto the world's first proactive GenAI security testing platform.
  • To showcase the capabilities and significance of Akto's GenAI Security Testing solution, Akto's Founder and CEO Ankita will be presenting at the prestigious Austin API Summit 2024.
  • The launch of their GenAI Security Testing solution reinforces their commitment to innovation and their dedication to enabling organizations to embrace GenAI with confidence.

Detectify Research Continues to Reveal Pitfalls in Established Security Methods and Uncovers Top Vulnerabilities from 2023

Retrieved on: 
Tuesday, December 12, 2023

Findings reveal that organizations' most prominent threats during 2023 are vulnerabilities not covered by common disclosure processes, like CVEs, and demonstrate the risks associated with an overly reliant approach to established methods.

Key Points: 
  • Findings reveal that organizations' most prominent threats during 2023 are vulnerabilities not covered by common disclosure processes, like CVEs, and demonstrate the risks associated with an overly reliant approach to established methods.
  • Noteworthy findings from the report include:
    100% of the top three vulnerabilities found across all industries were not covered by a CVE.
  • Additionally, 75% of the total vulnerabilities regularly scanned by Detectify, primarily crowdsourced from its community of ethical hackers, don’t have a CVE assigned.
  • Over-reliance on frameworks like the CVE program weakens organizations' security posture and gives them an unrealistic sense of security.

Edgio Introduces Enterprise Protect and Perform Bundles to Secure and Accelerate Applications with Predictable Cost

Retrieved on: 
Thursday, October 12, 2023

The Application Bundles enable clients to experience the full suite of Edgio Applications – Sites, Performance and Security – at an entry point that makes sense for them.

Key Points: 
  • The Application Bundles enable clients to experience the full suite of Edgio Applications – Sites, Performance and Security – at an entry point that makes sense for them.
  • The offering comes complete with access to the Edgio SOC which includes event monitoring, crisis support, access to Edgio’s customer portal, and more.
  • The Edgio Application Bundles come in four tiers - Free, Professional, Enterprise, and Premier - with each incremental tier offering additional features and services.
  • Edgio’s site hosting enables companies to develop front-end applications on the edge with ease, using 40+ frameworks with automated deployment.

Infrastructure as a Service (IaaS) Market to grow by USD 548.92 billion between 2022 - 2027 | The growing need to simplify solutions for backup to drive growth - Technavio

Retrieved on: 
Thursday, September 21, 2023

The potential growth difference for the infrastructure as a service (IaaS) market between 2022 and 2027 is USD 548.92 billion.

Key Points: 
  • The potential growth difference for the infrastructure as a service (IaaS) market between 2022 and 2027 is USD 548.92 billion.
  • The growing need to simplify solutions for backup drives the IaaS market.
  • Get deeper insights into the market size, current market scenario, future growth opportunities, major growth driving factors, the latest trends, and much more.
  • The increasing adoption of BaaS solutions by end-users is the key factor driving the growth of the market.

3Fun Takes User Security to the Next Level to Provide a Safe and Secure Dating Experience

Retrieved on: 
Tuesday, September 12, 2023

To identify fake accounts and scammers more effectively, 3Fun has developed a protocol that detects suspicious user behavior.

Key Points: 
  • To identify fake accounts and scammers more effectively, 3Fun has developed a protocol that detects suspicious user behavior.
  • The company has also improved its website, API, and app security to provide significant protection against Cross-Site Request Forgery (CSRF).
  • 3Fun also enforces the use of https to secure data transmission, ensuring the protection of user data when using the app.
  • With these updates, 3Fun is doubling down on its promise to provide its users with the best and safest experience possible.

Adversary-Sponsored Research Contests on Cybercriminal Forums Focus on New Methods of Attack and Evasion, Sophos Research Reveals

Retrieved on: 
Tuesday, August 29, 2023

The contests mirror legitimate security conference ‘Call For Papers’ and provide the winners considerable financial rewards and recognition from peers and also potential jobs.

Key Points: 
  • The contests mirror legitimate security conference ‘Call For Papers’ and provide the winners considerable financial rewards and recognition from peers and also potential jobs.
  • Offensive Research Contests on Criminal Forums ,” these contests are designed to drive innovation, and when analyzed, the entries provide invaluable insight into how cybercriminals attempt to overcome security obstacles.
  • Now criminal forums are inviting attackers to ‘submit’ articles on technical topics, complete with source code, videos, and/or screenshots.
  • Offensive Research Contests on Criminal Forums” on Sophos.com .

Salt Security Partners with API Testing Leaders to Bring Best-of-breed Capabilities to API Security

Retrieved on: 
Wednesday, August 23, 2023

PALO ALTO, Calif., Aug. 23, 2023 /PRNewswire/ -- Salt Security, the leading API security company, today announced the Salt Technical Ecosystem Partner (STEP) program, making it easier and faster for enterprises to leverage the deep API adaptive intelligence Salt provides to reduce risk throughout their API ecosystem. Salt is integrating its AI-driven API security insights across organizations' existing workflows and tools as part of the program. The STEP program accelerates those integrations, enabling joint customers to strengthen their API security posture with best-of-breed solutions enhanced by the API security intelligence of the Salt Security API Protection Platform.

Key Points: 
  • The STEP program accelerates those integrations, enabling joint customers to strengthen their API security posture with best-of-breed solutions enhanced by the API security intelligence of the Salt Security API Protection Platform .
  • To kick off the STEP program, Salt today introduced its inaugural partners, companies focused on API testing solutions.
  • The partners include dynamic application security testing (DAST) leaders Bright Security, Invicti Security, and StackHawk and interactive application security testing (IAST) leader Contrast Security.
  • "As part of the Salt STEP program, StackHawk is excited to bring the most developer-focused and comprehensive API security testing solution to help organizations deliver secure code rapidly.

Guardz Identifies New macOS hVNC Malware, Revealing Emerging Trend of macOS Attack-as-a-Service Tools

Retrieved on: 
Tuesday, August 1, 2023

TEL AVIV, Israel, Aug. 1, 2023 /PRNewswire/ -- Guardz, the cybersecurity company securing and insuring SMEs, today disclosed the existence of a Hidden Virtual Network Computing (hVNC) malware targeting macOS devices. The malware, which is available on the major Russian dark web forum Exploit, allows cybercriminals to gain and maintain persistent unauthorized access to a victim's Mac computer without being detected, and demonstrates the concerning emergence of a growing number of macOS-focused Attack-as-a-Service tools.

Key Points: 
  • While cybercriminals have predominantly designed malware to target Microsoft Windows devices at scale, they are now increasingly developing tools for macOS.
  • Recently, Guardz identified an information stealing malware called ' ShadowVault ,' which also exclusively targets macOS devices.
  • This discovery, as well as the growing talk of macOS tools within underground cybercrime forums, suggests an imminent surge in cyberattacks against macOS users.
  • To learn more about the newly disclosed macOS hVNC and the rising trend of threats against SMEs, see Guardz's recent blog post here .

Searchlight Cyber Alerts The Banking Sector to Dark Web Threats

Retrieved on: 
Wednesday, July 19, 2023

Searchlight Cyber , the dark web intelligence company, has released its new report, Dark Web Threats Against the Banking Sector , which outlines the tactics of cybercriminal reconnaissance against banking institutions.

Key Points: 
  • Searchlight Cyber , the dark web intelligence company, has released its new report, Dark Web Threats Against the Banking Sector , which outlines the tactics of cybercriminal reconnaissance against banking institutions.
  • The report highlights the most prominent threats visible on the dark web - including Initial Access Broker posts on dark web forums, insider threats, and supply chain attacks - and explains how banks can use this intelligence to improve their cyber defense.
  • Initial Access Broker posts are the most commonly observed activity on the dark web.
  • In fact, it is to demonstrate the opportunity that the dark web provides to identify threats earlier.