Category: Uncategorized
-
OWASP Top 10 Vulnerabilities for 2024
As the digital landscape continues to evolve, so do the threats that permeate it. The Open Web Application Security Project (OWASP) serves as a beacon, illuminating the most critical security risks facing web applications. Now, as we step into 2024, let’s dissect the latest iteration of OWASP’s Top 10 vulnerabilities and discern any shifts or…
-
The role of artificial intelligence and machine learning in cybersecurity
Cybersecurity is an ever-evolving field that has become increasingly important in recent years. With the rise of cyber attacks and data breaches, companies and organizations are seeking new ways to protect themselves and their customers. One technology that has emerged as a potential solution to this problem is artificial intelligence (AI) and machine learning (ML).…
-
The impact of cyber attacks on businesses and how to mitigate the risks
Cyber attacks have become an increasingly common threat to businesses of all sizes over the past decade. These attacks can result in significant financial losses, reputational damage, and even legal liabilities. In this blog post, we will explore the impact of cyber attacks on businesses and discuss some strategies for mitigating the risks. One of…
-
How to protect against phishing attacks
Many of the most recent, successfully executed security breaches are known to have begun with a successfully executed phishing attack. Phishing attacks usually come in different levels of complexity, and are continually used, because they are very effective. However, even though they are effective, there are still simple steps that you can take to protect…
-
Honeypot check-in (03–29–22)
It’s been a while since I’ve spun up my honeypot to see what is going on out in the world so I decided to do that this weekend and provide a little bit of information about my observations. For those who do not know, please reference this blog post where I explain what a honeypot is and…
-
What are wiper attacks, and should you be worried?
If you have been paying close attention to the war in Ukraine, you may have heard of instances where attackers have targeted computer systems in the country and deleted all the information. They accomplished this my using a relatively simple, and familiar type of malware known as a ‘Wiper.’ What is a Wiper? Wipers are…
-
Top Microsoft Exchange Server vulnerabilities exploited in 2021
In 2021, criminals launched a flood of attacks on Microsoft Exchange servers using exploiting what were then zer0-day vulnerabilities. Beginning in January 2021, the attackers went undetected until March 2021 when Microsoft finally became aware and issued the necessary security patches. During that period, an estimated 60,000 organizations were compromised with the number continuing to…
-
LOG4J Attack on Cryptocurrency Firm ONUS
ONUS, one of Vietnam’s largest cryptocurrency platforms has, according to multiple reports, been the victim of a ransomware attack that was traced to the current Apache remote code execution vulnerability, LOG4J, via a third-party payment software. Cystack, a security firm partnering with ONUS, and who was involved in the investigation, said that the incident started…