Attack automation becomes a prevalent threat against APIs
The second half of 2022 marked a significant turning point in the security landscape. In several high-profile incidents, application programming interfaces (APIs) emerged as a primary attack vector, posing a new and significant threat to organization.....»»
This new Android malware can steal your card details via the NFC chip
Security researchers spot a sophisticated attack that steals people's NFC data and can be used to steal money, and more......»»
These colorful diagrams show how air quality has changed in more than 100 countries since 1850
Air pollution is an unseen menace that poses a major threat to human health and the climate. We have created the air quality stripes, a visual tool that captures global air pollution trends, to bring this hidden threat into sharp focus......»»
Researcher: Young Black people are disproportionately strip-searched—ways the justice system treats them as a threat
A new report from the Children's Commissioner for England has found that 457 strip searches of children by police took place between July 2022 and June 2023. The report shows that Black children were four times more likely, when compared to national.....»»
Wallarm API Attack Surface Management mitigates API leaks
Wallarm announced its latest innovation: API Attack Surface Management (AASM). This agentless technology transforms how organizations identify, analyze, and secure their entire API attack surface. Designed for effortless deployment, Wallarm AASM empo.....»»
Android malware uses NFC to steal money at ATMs
ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to the attacker’s rooted Android phone. Attack overview (Source: ESET) Unauthorized ATM withdrawals.....»»
Fighting coastal erosion with electricity
New research from Northwestern University has systematically proven that a mild zap of electricity can strengthen a marine coastline for generations—greatly reducing the threat of erosion in the face of climate change and rising sea levels......»»
GenAI models are easily compromised
95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack methods specific to GenAI, or prompt attacks, are easily used by anyone to manip.....»»
Bulwark of blooms: The lily"s secret armor against plant pathogens
Fusarium wilt is a severe threat to the global cut-flower industry, particularly impacting lilies. Caused by Fusarium oxysporum, this disease results in significant economic losses due to plant decay and death. Traditional breeding methods have strug.....»»
New study uncovers the complex dynamics of self-deprecating remarks in Korean entertainment
Self-deprecation, a negative self-assessment used in social interaction, is prevalent in Korean reality TV shows. Traditionally, psychology views self-deprecation as indicative of low self-esteem or related psychological disorders, such as depression.....»»
Top architectural firm reveals it was hit by major ransomware attack
CannonDesign starts notifying people a year and a half after the incident......»»
From embers to crisis: The expanding threat of wildfires under global warming
Globally, wildfires are on the rise, driven by climate change, which exacerbates droughts and high temperatures. These fires contribute significantly to carbon emissions and particulate matter (PM2.5), with severe consequences for both climate stabil.....»»
PostgreSQL databases under attack
Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access.....»»
OpenCTI: Open-source cyber threat intelligence platform
OpenCTI is an open-source platform designed to help organizations manage their cyber threat intelligence (CTI) data and observables. The platform structures its data using a knowledge schema built on the STIX2 standards. It features a modern web appl.....»»
Average DDoS attack costs $6,000 per minute
2023 saw a surge in the frequency and duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal, according to Zayo. DDoS attack duration increases DDoS attacks surged 106% from H2 2023 to H1 2024. The.....»»
GuidePoint Security releases Phishing as a Service
GuidePoint Security has launched a new Phishing as a Service (PhaaS) offering. Phishing remains one of the most common entry points for threat actors – according to CISA, over 90% of successful cyberattacks start with a phishing email. However, man.....»»
Cybercriminals exploit file sharing services to advance phishing attacks
Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of ph.....»»
AI for application security: Balancing automation with human oversight
In this Help Net Security interview, Kyle Wickert, Worldwide Strategic Architect at AlgoSec, discusses the role of AI in application security, exploring how it’s transforming threat detection and response. Wickert talks about integrating securi.....»»
Climate Change’s Latest Deadly Threat: Lightning Strikes
In rural India, stormy weather, a lack of knowledge, and scant protections are combining to kill thousands every year, with climate change likely to raise the threat as lightning becomes more common......»»
Group-IB partners with SecurityHQ to enhance SOC capabilities
Group-IB announced the signing of a global partnership agreement with SecurityHQ, a global independent Managed Security Service Provider (MSSP). With this partnership, SecurityHQ will leverage Group-IB’s Threat Intelligence, Attack Surface Mana.....»»
Common API security issues: From exposed secrets to unauthorized access
Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, wh.....»»