Every company has a duty to protect its customers from supply chain attacks while simultaneously taking action to prevent being a supply chain victim of its own suppliers.
The latest AppSec Stats Flash report from NTT Application Security has found that the remediation rate for severe vulnerabilities is on the decline, while the average time to fix is on the rise.
In what is, at least so far, the biggest cybersecurity blunder of the Tokyo Olympics, an Italian TV announcer did not realize he was on air when he asked the password for his computer.
A handful of key Biden administration officials on Tuesday voiced support for legislation that would mandate certain businesses report ransomware attacks to the government.
The upgrade is expected to conclude in “early August”. Tencent hasn’t defined a range of dates that fits within that phrase, leaving open the possibility that the suspension could last a week or more.
The top NFT Ethereum-based game Axie infinity, is a Pokemon-like play-to-earn game that lets its users earn SLP (Smooth Love Potion). Threat actors are targeting the players with a fake crypto wallet.
Kaspersky discovered a significant rise in malicious links for bogus Windows 11 installers. The primary purpose of the executable is to download different types of malicious software on the device. Therefore, it is recommended that users avoid downloading installations from third-party websites.
Cybercriminals have been found using new ‘exotic’ programming languages for carrying out cyber attacks. A recently published report suggests that the use of a few specific languages is becoming a trend to develop new malware. To identify and prevent such threats, security researchers suggested software engineers and threat analysts employ implementation-agnostic detection rules.
According to a report from the F5 Labs, web application exploits were used in 57% of the most significant cybersecurity incidents that occurred in the last five years.
These types of software are distributed via shady sites, YouTube, and torrents to trick victims into believing that they are downloading the latest software or a game installer.