Third Party Risk Assessment

Third Party Risk Assessment Page 6

Threat actors boost Web APIs to execute cyberattacks

New research findings reveal that Web applications cyberattacks are rising continuously, with most attacks coming from Web application programming interfaces (Web API). Researchers are not differentiating the attacks against Web applications and actual cyberattacks that are using Web APIs. However, they believe that the rise of attacks against Web applications is majorly coming from APIs brought by application servers.  The attacks on...
Continue Reading
Visible account manipulations Networking tech company e commerce online shopping telecom

People are setting Visible on fire due to multiple account manipulations

Visible, a Verizon-owned company and an all-digital wireless carrier in the United States that offers unlimited text, calls, video calls, data, hot spots and many more, is receiving many backlashes from its users due to account manipulation.  The company is currently receiving overwhelming criticism from their users, who took it to social media stating that their accounts had...
Continue Reading
Phishing campaign DocuSign trick employees online fraud

Phishing campaign takes advantage of DocuSign to trick lower-tier employees

Today, Phishing campaigns conducted by many threat actors follow a new way of targeting non-executive employees with access to essential areas inside an organization or company, especially the use of DocuSign.  As reported by researchers, fifty percent of all phishing emails they examined in recent weeks impersonated lower-class employees. Up to 77% of them targeted the same group of...
Continue Reading
Threat actors hack account Telegram bots OTP Stealing

Threat actors hack into victims’ accounts via Telegram bots that steal OTPs 

Illegal services that allow threat actors to evade the protection that two-factor authentication (2FA) brings are rampant in underground forums.  While 2FA is the most helpful method of protecting a user’s privacy against criminals hacking into their accounts, threat actors have also found a way to sidestep the protection. One of these is the usage of bots...
Continue Reading
Top 14 Android mobile Apps Firebase misconfigured

Top 14 Android Apps with Millions of installs are Firebase misconfigured

The research revealed that nine out of fourteen android apps, which have more than 30 million users, are potentially leaking data. The top 14 Android apps with over a hundred million installs are at risk for being Firebase misconfigured. Unauthorized parties might access these apps and expose confidential data.     Almost everyone has an Android app installed on...
Continue Reading
Cloud storage applications malware downloads ransomware

Cloud storage applications top the most utilized avenue of malware downloads, according to recent studies

Cyberattacks have been utilizing cloud applications as an avenue of distributing malware, as per recent studies. Researchers have identified that 68% of malware downloads were derived from cloud applications for the 2nd quarter of 2021. Cloud-based misconfigurations are often a contributing factor in terms of these issues.    About 66.4% of malware downloads for the 2nd...
Continue Reading
massive rise cybercrime attacks India reached 11% 2020

Data says that a massive rise of cybercrime attacks in India reached up to 11.8% in 2020

Official data has shown that for the year 2020, India has recorded over 50,053 cases of cybercrime, and 11.8% of it has been a surge of offences over the prior fiscal year.  Following the country’s measuring system incidents per lakh population, the cybercrime rate in India has also grown from 3.3% last 2019 to up to...
Continue Reading
Azure flaw vulnerability hackers unauthorized access data cloud computing

Azure vulnerability threatens customers, which may have allowed hackers unauthorized access to data

Security researchers have identified a flaw towards Azure cloud, which threatens its customers about unauthorized hacker access through their data. This warning came from Microsoft themselves. The tech company said from their security team’s blog post that the flaw reported by Palo Alto Networks has already been fixed and worked on. They also added no evidence of abuse...
Continue Reading
Admin credentials targeted cybercriminals cloud server cyberattacks

Admin credentials are targeted by cybercriminals to improve attacks against cloud servers

According to Lacework analysts, Docker, Redis, SQL, and SSH have been the main targeted cloud servers in the last three months.  As reported by Lacework’s 2021 Cloud Threat Report Volume 2, a lot of firms must now count cyber threat actors as their competitors. This is due to these two main reasons: cybercriminals are extending...
Continue Reading
5G Network rollouts government firms more robust security Singapore

As 5G Network rollouts gather over a hundred thousand new clients, the government urges firms to execute more robust security

As for Singtel, a Singaporean telecommunications corporation that reached over 180,000 new 5G network subscribers and expanded with new commercial use cases which operate on the 5G standalone network, their government has advised stronger security and resiliency in ensuring the safety of the 5G networks.  The 5G networks are mostly software-driven systems that are essentially...
Continue Reading
1 4 5 6 7 8 12