APIs have become increasingly popular as they are used to connect different systems, services and applications. But this makes them an attractive target for cybercriminals who want to exploits flaws and access sensitive data. Here are five critical reasons you need to conduct API security testing.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
Cisco Secure Access is a security service edge solution that delivers zero trust access to efficiently solve today's challenge of safely connecting anything to anywhere and reimagines the experience to make it better for users, easier for IT and safer for everyone.
ChatGPT set the world on fire six months ago, and since then a slew of companies have released features or products built on or around generative AI - some of them completely legitimate and some of them little more than snake oil. Does AI makes sense everywhere for everything? Absolutely not.
The Russian-language Clop crime group's mass exploitation of MOVEit file-transfer software demonstrates how criminals continue to seek fresh ways to maximize their illicit profits with minimal effort. Ransomware response firm Coveware says Clop may clear over $75 million from this campaign.
The crazy fluctuations in the stock market over the past 14 months can drive short-term thinking for publicly traded firms, said CEO Fran Rosch. A proposed $2.3 billion buy by Thoma Bravo would allow ForgeRock to think about the best long-term investments and opportunities in the identity market.
Despite the significant advances technology has made over the past few years, email remains one of the best tools for cybercriminals. Training is just one piece of the puzzle. The best defense against today's cybercrime landscape is a multilayered security strategy.
Federal regulators are once again reminding healthcare entities and their vendors of the importance of using strong multifactor authentication to help fend off hacks and other compromises, but they also warn about avoiding common mistakes with MFA.
Big banks want social media firms to take accountability for scams that occur on their payment platforms, but that doesn’t mean reimbursing victims. Banks need to take the lead in making victims whole quickly. And big tech and telcos need to kick the scammers out of their platforms.
The BlackCat ransomware group has claimed credit for a February phishing attack against Reddit. With no ransom being paid, the extortionists are now seeking to insert themselves into the standoff between Reddit's leadership and volunteer workforce over the introduction of paid access to APIs.
Ransomware hackers are stretching the concept of code reuse to the limit as they confront the specter of diminishing returns for extortionate malware. In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups.
At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.
How many hackers can claim to have caused a national cheese shortage, not least in the Gouda-loving Netherlands? Enter Mikhail Matveev, a Russian national who's been indicted for wielding not one but three strains of ransomware, in what experts say is a needed focus on ransomware affiliates.
Breach notifications from British outsourcing giant Capita mount amid signs the multibillion-pound company doesn't have a firm grip on how much data it exposed. For a company that trumpets its ability to "achieve better outcomes," Capita's inability to grasp the impact of its breaches is ironic.
Identity is more important than ever in today's "work from anywhere" world where the need for secure authentication has become paramount. Zero Trust Authentication complements security investments in EDRs, EPPs, SIEMs and existing SSOs and delivers a passwordless experience that drives productivity.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.