Reports

Developer sitting in front of computers.

Attacks on APIs demand a Security Re-Think

New threats demand that we transform the way we think about securing the endpoints. Case in point: APIs, writes Ross Moore.

npm logo. Photo by RealToughCandy.com

Researcher: malicious packages lurked on npm for months

Researchers at ReversingLabs said they discovered two npm open source packages that contained malicious code linked to open source malware known as TurkoRat.

guy_with_bullhorn

The surveys speak: supply chain threats are freaking people out

A bunch of recent surveys of IT and security pros send a clear message: threats and risks from vulnerable software supply chains are real, and they’re starting to freak people out.

API Security

Malicious Automation is driving API Security Breaches

Removing the ability to automate against a vulnerable API is a huge step forward, as automation is a key enabler for both the exploitation and the extraction of large amounts of sensitive data.

Spotlight: Making the Most of Cyber Threat Intelligence with Itsik Kesler of KELA

In this Spotlight episode of the Security Ledger podcast, I interview Itsik Kesler, the CTO of the threat intelligence firm Kela about the evolution of threat intelligence and findings from the company’s latest State of Cybercrime Threat Intelligence report.