New threats demand that we transform the way we think about securing the endpoints. Case in point: APIs, writes Ross Moore.
Reports
Researcher: malicious packages lurked on npm for months
Researchers at ReversingLabs said they discovered two npm open source packages that contained malicious code linked to open source malware known as TurkoRat.
The surveys speak: supply chain threats are freaking people out
A bunch of recent surveys of IT and security pros send a clear message: threats and risks from vulnerable software supply chains are real, and they’re starting to freak people out.
Malicious Automation is driving API Security Breaches
Removing the ability to automate against a vulnerable API is a huge step forward, as automation is a key enabler for both the exploitation and the extraction of large amounts of sensitive data.
Spotlight: Making the Most of Cyber Threat Intelligence with Itsik Kesler of KELA
In this Spotlight episode of the Security Ledger podcast, I interview Itsik Kesler, the CTO of the threat intelligence firm Kela about the evolution of threat intelligence and findings from the company’s latest State of Cybercrime Threat Intelligence report.