Organizations are losing between $94 – $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating
Personal Information Compromised in Universal Music Data Breach
Universal Music Group is informing hundreds of individuals about a recent data breach impacting personal information.
The post Personal Information Compromised in Universal Music Data Breach appeared first on SecurityWeek.
Okta Tells Users to Check for Potential Exploitation of Newly Patched Vulnerability
Okta has resolved a vulnerability that could have allowed attackers to bypass sign-on policies and gain access to applications.
The post Okta Tells Users to Check for Potential Exploitation of Newly Patched Vulnerability appeared first on SecurityWeek.
Modernization of Authentication: Webinar on MFA, Passwords, and the Shift to Passwordless
The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizations are at risk of experiencing data breaches, leaks, and significant financial losses.
While traditional password-based systems offer
While traditional password-based systems offer
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries
Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code.
Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet “issued over 300,000 attack commands, with a shocking attack density” between September 4 and September 27, 2024. No less than 20,000 commands designed
Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet “issued over 300,000 attack commands, with a shocking attack density” between September 4 and September 27, 2024. No less than 20,000 commands designed
238,000 Comcast Customers Hit by FBCS Ransomware Attack
Comcast says over 230,000 customers were affected by a data breach at Financial Business and Consumer Solutions.
The post 238,000 Comcast Customers Hit by FBCS Ransomware Attack appeared first on SecurityWeek.
Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances.
The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4.
“Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute
The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4.
“Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute
THN Cybersecurity Recap: Top Threats and Trends (Sep 30 – Oct 6)
Ever heard of a “pig butchering” scam? Or a DDoS attack so big it could melt your brain? This week’s cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans.
Get the scoop before it’s too late!
⚡ Threat of the Week
Double Trouble: Evil Corp & LockBit Fall: A consortium of international law enforcement agencies took steps to arrest four
Get the scoop before it’s too late!
⚡ Threat of the Week
Double Trouble: Evil Corp & LockBit Fall: A consortium of international law enforcement agencies took steps to arrest four
Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection
Google has announced that it’s piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil.
The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such as web browsers, messaging apps,
The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such as web browsers, messaging apps,
China’s Salt Typhoon Hacked AT&T, Verizon: Report
The China-linked group Salt Typhoon hacked AT&T and Verizon, possibly compromising wiretap systems, according to WSJ.
The post China’s Salt Typhoon Hacked AT&T, Verizon: Report appeared first on SecurityWeek.