- Amerikaanse overheid: Beloning $10.000.000 voor diegene die informatie kan geven over hackers welke kritieke infrastructuur aanvallen
- Kwetsbaarheid in Linux-kernel kan lokale aanvaller rootrechten geven
- Cybersecuritybeeld Nederland: al tien jaar lang de basis niet op orde
- Persoonsgegevens van 200.000 klanten gehengeld bij Hengelsportketen Raven
- MITRE publiceert jaarlijkse Top 25 van gevaarlijkste kwetsbaarheden
- VWS: 'Dit lek was met elke pentest gevonden'
- FBI publiceert overzicht van de Top 30 meest aangevallen kwetsbaarheden
We are passionate about keeping you informed
Web skimming attacks are essentially software supply chain attacks that can reach hundreds or thousands of websites using the exploited third-party web application.
Before we dive into the specifics of tackling web skimming threats, it’s important to know what they actually are. Web Skimming is a hacking technique where the attacker breaches the payment or checkout page of websites by injecting a malicious script or malware via the third-party apps that are being used by the website. Credit card information and personal information is harvested, often without being detected.Read more
A Watering Hole attack is a method in which the attacker seeks to compromise a specific group of end users either by creating new sites that would attract them or by infecting existing websites that members of that group are known to visit. The attacks have been adopted by criminals, APT groups and nation states alike and we see the amounts rising. The goal is to swipe username and password combinations hoping the victim reuses them, or infect a victim's computer and gain access to the network within the victim's place of employment. Many conclude that these attacks are an alternative to Spear Phishing but are quite different. Watering Hole attacks are still targeted attacks, but they cast a wider net and trap more victims than the attacker’s original objective.Read more
It's no secret that companies are increasingly relying on third parties for their product and services that they use in their operations. As a result, companies often have to share confidential information with these third parties and vendors.
This makes third-party risk assessment crucial for any business. In other words, it should be one of its top priorities. It's simple, when companies share their confidential information with third parties, they open themselves to the risk of data breaches and a variety of other cyber security risks.
Assessment fatigue is a term that originates from the medical world. It describes the false symptoms someone may show when they’re exposed to too much diagnostic testing. In other words, a patient may experience symptoms of a disease if they’re constantly tested for it, even though they don't have the disease.Read more
For many organizations, the automation of thorough security testing is yet another challenge. During this interactive webinar, we show you how you can boost your DevOps and CI / CD process with AppSec automation. Would you like to know what the latest generation Dynamic Application Security Testing improves for you?Read more
WordPress has many advantages and is not without reason the most popular way to build a website, with 60% of pages on the web based on it. Unfortunately, it is this popularity that makes WordPress a juicy target for malicious users. Every year hundreds of thousands of WordPress and ecommerce sites get hacked.
So, is WordPress secure?
Attackers don’t get in thanks to security flaws in WordPress’s latest core software. Rather, most hacks can be easily prevented by taking simple steps like keeping things updated and securing passwords.Read more
One of cyber security professionals' biggest fears is not knowing what they don't know. Even with the most comprehensive security controls and processes in place, it's difficult to know if they're working as expected. That's why many organizations are using blue team and red team exercises for security control validation.Read more
Third-party apps on websites present potential threats and risks that may affect the security and privacy posture of your website. For your customers, your website is the front end of your organization.
In today’s digitally connected world, websites play a major part in almost every company’s success, and yours is no different. Websites often integrate third-party tools to make themselves more dynamic and interactive, and for offering smooth connectivity to their customers.Read more