We’ve all heard about the CapitalOne breach. It dominated headlines for weeks and is a prime example of how even the largest and best trained organizations – ones who clearly put security at the top of their mind – can fall victim to sophisticated cloud attacks.
Migrating workloads to public cloud environment opens up organizations to a slate of new, cloud-native attack vectors which did not exist in the world of premise-based data centers. In this new environment, workload security is defined by which users have access to your cloud environment, and[...]
We’ve all seen this scene in some movie or TV show: a hacker sits in a shadowy room, busily typing on his keyboard. Suspenseful music plays in the background, the camera pans around him in a slow movement, and within the space of a few clicks – voilà! – our protagonist has broken into the[...]
A common concern of our customers using cloud platforms like AWS is the horror tales about a negligent (or uninformed) developer inadvertently exposing AWS API keys online, only for hackers to find those keys, penetrate the account and cause massive damage.
Moving to the cloud is all about agility and speed. But this agility and flexibility frequently come at the expense of security, leaving organizations, customers, and their data at risk. Moreover, as more and more organizations adopt multi-cloud and hybrid cloud strategies, this is adding[...]
Credential stuffing is a type of cyberattack where stolen account credentials typically consisting of lists of usernames and/or email addresses and the corresponding passwords (often from a data breach) are used to gain unauthorized access to user accounts through large-scale automated login[...]
In the first quarter of 2020, distributed denial-of-service (DDoS) attacks jumped more than 542% compared with the last quarter of 2019 and more than 278% year-over-year. NexusGuard researchers suggest the spike may be linked to a parallel increase in malicious cyber activity during the COVID-19[...]
Nearly 23,000 MongoDB databases are affected in a ransomware campaign designed to wipe information from misconfigured databases lacking password protection, ZDNet reports.The attacker reportedly used an automated script to scan for exposed databases. When it found one, the script deleted the[...]
Not even the red-hot cybersecurity sector is immune to the major economic downturn resulting from the global coronavirus pandemic. As parts of the world begin to gradually reopen for business as stay-at-home orders lift, many IT security teams now also face a fresh new reality of spending and[...]
Once considered a loader for other malware, Valak regularly conducts reconnaissance and steals information and credentials, new analysis shows.Over the past six months, a surge of development activity on a malicious program known as Valak — traditionally used for loading other malware on[...]
Our unique positioning on the global market enables us to be at the forefront of every new technology and with that unique expertise we help our clients to quickly and cost effectively choose, test and deploy the best solutions to service their customer base.