Microsoft Defends against 2.4 Tbps DDoS Attack on Azure Cloud Services

Posted on October 15, 2021 at 3:42 PM Distributed Denial of Service (DDoS) attacks have been rising, and their intensity is becoming even bigger. Microsoft has been the latest victim of a major DDoS attack, but it managed to thwart...

/ October 15, 2021

OpenSea vulnerability allowed crypto stealing with malicious NFTs

Researchers investigated the issue in OpenSea after an increase in complaints about receiving and opening free airdropped NFTs to steal user funds. The IT security researchers at Check Point identified critical security vulnerabilities in OpenSea (OpenSea.io – the highly popular...

/ October 14, 2021

What’s a Vulnerability Disclosure Program & Do You Need One?

What Is a Vulnerability Disclosure Program? A VDP is a structured method for anyone to report vulnerabilities. VDPs should include a process for receiving a vulnerability report, prioritizing and remediating vulnerabilities, and setting expectations for follow-ups, such as remediation. Why...

/ October 14, 2021

How Trustpilot Manages Risk by Working with Ethical Hackers

Trustpilot, a cloud-first company with little physical infrastructure, relies on external security testing to ensure its products are resilient to cyberattacks. During a Fireside Chat, Stu explained why he believes combining a continuous bug bounty program and point-in-time security assessments...

/ October 14, 2021

The Ultimate SaaS Security Posture Management (SSPM) Checklist

Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management (SSPM) category for solutions that continuously assess security risk and manage the SaaS applications’ security posture. With enterprises having 1,000...

/ October 14, 2021

Google: We’re Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

Google’s Threat Analysis Group (TAG) on Thursday said it’s tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of...

/ October 14, 2021

Vulnerability in OpenSea could have allowed Hackers to Steal Cryptocurrencies from User Wallets

Posted on October 14, 2021 at 11:46 AM OpenSea, the largest non-fungible token (NFT) marketplace, suffered a vulnerability that threat actors could have exploited to steal from user wallets. According to researchers, the threat actors could drain these funds using...

/ October 14, 2021

Ukraine Police Arrests DDoS Botnet Operator Who Have Compromised 100,000 Devices

The law enforcement authorities of the Ukrainian have recently arrested a hacker on Monday who is accountable for the formulation and administration of a “powerful botnet” that has over 100,000 controlled devices. All these devices were utilized to convey out...

/ October 14, 2021

Psst! tool by 1Password lets users share passwords using a link

1Password password manager has introduced a new tool called Password Secure Sharing Tool or Psst! that lets users share their passwords or “anything in their 1Password vault” by simply using a link even with those who don’t use 1Password. We...

/ October 13, 2021

Iranian Hackers Attack the US & Israeli Defense Technology – Microsoft Warns

Iranian hackers have recently attacked Microsoft in which more than 250 Microsft Office 365 accounts that are linked to the United States, the European Union, and the Israeli government were being compromised through comprehensive password spraying. Despite having strong protection,...

/ October 13, 2021

Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets

A now-patched critical vulnerability in OpenSea, the world’s largest non-fungible token (NFT) marketplace, could’ve been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings...

/ October 13, 2021

Microsoft issues Report on Iranian Hackers Targeting Office 365 Accounts

Posted on October 13, 2021 at 8:06 AM Government agencies have of late been major targets of state-sponsored threat actors. A recent report from Microsoft states that Iranian hackers could be using a password guessing technique to attack military and...

/ October 13, 2021