Don’t Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection
Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.
TikTok API Rules Stymie Analysis of US User Data, Academics Say
Terms of service for API access give TikTok publication review over findings and limit access to critical data on the platform's impact on US users, researchers say.
Hackers Let Loose on Voting Gear Ahead of US Election Season
Ethical hackers were given voluntary access to digital scanners, ballot markers, and electronic pollbooks, all in the name of making the voting process more resilient to cyber threats.
Akira Ransomware Mutates to Target Linux Systems, Adds TTPs
The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach.
NFL, CISA Look to Intercept Cyber Threats to Super Bowl LVIII
The league is working with more than 100 partners to workshop responses to a host of hypothetical cyberattacks on the upcoming Big Game in Las Vegas.
Apple Fixes 3 More Zero-Day Vulnerabilities
All of the security bugs are under active attacks, but the extent of their exploitation is unknown.
MGM, Caesars Cyberattack Responses Required Brutal Choices
Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.
Bot Swarm: Attacks From Middle East & Africa Are Notably Up
Most automated attacks from the regions were against e-commerce and telecommunications organizations.
ASPM Is Good, But It’s Not a Cure-All for App Security
What application security posture management does, it does well. But you'll still need to fill in some holes, especially concerning API security.
Do CISOs Have to Report Security Flaws to the SEC?
The new SEC rules make it seem that there is no need to report the presence of security vulnerabilities, but that doesn't quite tell the full story.
Guardians of the Cyberverse: Building a Resilient Security Culture
Whether achieved through AI-enabled automation, proactive identification and resolution of issues, or the equitable distribution of risk management responsibilities, the goal must be resilience.
Cisco Moves into SIEM with $28B Deal to Acquire Splunk
Cisco's surprise agreement could reshape secure information and event management (SIEM) and extended detection and response (XDR) markets.
Mysterious ‘Sandman’ APT Targets Telecom Sector With Novel Backdoor
The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.
What Does Socrates Have to Do With CPM?
It's time to focus on the "P" in cybersecurity performance management.
Researchers Spot Novel “Deadglyph” Backdoor
Malware is linked to UAE-backed spies
Almost US 900 Schools Breached Via MOVEit
National Student Clearinghouse reveals more details of incident
Don’t Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection
Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.
New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time.
"While this activity occurred around the same time and in some instances even simultaneously...
T-mobile exposes some customer data – but don’t call it a breach
PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns Infosec in brief T-Mobile has had another bad week on the infosec front – this time stemming from a system glitch that...
