Focus on API security as part of your digital bonding strategy, because APIs are already connecting your business activities.
Private Equity Exposed by Cyber-Hygiene Shortcomings
Fifth of portfolio companies feature “zero tolerance findings”
New AXLocker Ransomware Steals Victims’ Discord Tokens
Researchers also discover two additional new variants
Ten Charged in $11m Healthcare BEC Plots
Several of the men diverted funds intended for hospitals
Best of TaoSecurity Blog Kindle Edition Sale
I’m running a #BlackFriday #CyberMonday sale on my four newest #Kindle format books. Volumes 1-4 of The Best of TaoSecurity Blog will be half off starting 9 pm PT Tuesday 22 Nov and ending 9 pm PT Tueday 29 Nov. They are here. There also ap…
TaoSecurity on Mastodon
I am now using Mastodon as a replacement for the blue bird. This is my attempt to verify myself via my blog. I am no longer posting to my old bird account.Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www….
CISA, NSA, ODNI Publish Software Supply Chain Guidelines For Customers
The come after the August release of guidance for developers and the October one for suppliers
Shoppers Warned Stay Alert this Black Friday as Hackers Renew Efforts
Cyber-criminals are exploiting the busy period during both purchase and delivery stages
Instagram Credential Phishing Attacks Bypass Microsoft Email Security
The attack bypassed both SPF and DMARC email authentication checks
Emerging Threat Actor DEV-0569 Expands Its Toolkit to Deliver Royal Ransomware
As well as malvertising and phishing links, the new threat actor is now also using contact forms to deliver its payloads, found Microsoft