Cybersecurity News

Cybersecurity News including Analytics, CISO, Cloud Security, Cybercrime, Data Security, DevOps, GRC, IoT, Social Engineering, Threats & Breaches and more.

Sysdig Details Proxyjacking Attack Leveraging Log4j Vulnerability

Sysdig today published a report that described how cybercriminals are exploiting the Log4j vulnerability to gain access to IP addresses that are then sold to entities that resell them. Dubbed proxyjacking, the attacks enable cybercriminals to resell bandwidth to providers of proxyware services that allow someone to hide their physical ... Read More

NTT Taps Microsoft to Provide MDR Service

NTT Ltd has launched a managed detection and response (MDR) security service based on Microsoft Sentinel, a security information event management (SIEM) platform hosted in the Azure cloud service. The NTT MDR service collects data from any user, device, application and infrastructure platform from any on-premises or cloud computing environment ... Read More

Survey: Reactionary Cybersecurity is Misaligned With Business Goals

A global survey of 409 cybersecurity and IT decision-makers from companies with at least 250 employees suggested that while there is a lot more attention being paid to aligning cybersecurity strategy with business goals, most organizations are still spending most of their time reacting to events rather than achieving specific ... Read More

After Brief Exposure in Public Repo, GitHub Rotated Private SSH Key

In an attempt to get ahead of fallout from the exposure of its private SSH key in a public repository, the software development platform GitHub proactively rotated its host key last week. “Out of an abundance of caution, we replaced our RSA SSH host key used to secure Git operations ... Read More

Noname Security Extends Reach of API Security Platform

Noname Security this week extended the reach of its platform for securing application programming interfaces (APIs) to make it easier to discover APIs and visualize the workflows that revolve around them. Specifically, the company has added to the Noname Security Runtime Protection platform an ability to customize discovery and more ... Read More

Elastic Unfurls Cloud Security Platform for AWS

Elastic today launched a cloud security analytics platform that provides visibility into Amazon Web Services (AWS) environments. The Elastic Search platform is based on the open source search engine platform it developed. Mike Nichols, vice president of product management for Elastic, said the Elastic Search platform provides both cloud security ... Read More

Twitter Presses GitHub to Turn Over User Who Leaked Source Code

When Twitter joined the ranks of tech companies whose source code leaked online, it was met with little surprise and a whole lot of unease over what the leak might mean for the platform’s security. “Unlike other recent source code leaks, it is concerning that Twitter has not released a ... Read More

API Attacks Rise 400% in Last Six Months

Attacks on APIs continue to rise sharply. New findings from Salt Labs found a shocking 400% increase in unique API attackers in the last six months. Interestingly, the report also discovered that nearly 80% of attacks occur over authenticated endpoints. Gartner previously predicted that APIs would soon become the most ... Read More