#Cloud Security

Invest and practice: Grant Oviatt, director of incident-response engagements at Red Canary, lays out the key building blocks for effective IR.

A fake Steam pop-up prompts users to ‘link’ Discord account for free Nitro subs.

The bug (CVE-2021-43267) exists in a TIPC message type that allows Linux nodes to send cryptographic keys to each other.

API security risk has dramatically evolved in the last two years. Jason Kent, Hacker-in-Residence at Cequence Security, discusses the top API security concerns today and how to address them.

Anti-dumping code kept investors from selling SQUID while fraudsters cashed out.

Much is made of shared responsibility for cloud security. But Oliver Tavakoli, CTO at Vectra AI, notes there's no guarantee that Azure or AWS are delivering services in a hardened and secure manner.

Kaspersky researchers saw The North Korean state APT use a new variant of the BlindingCan RAT to breach a Latvian IT vendor and then a South Korean think tank.

New software and code stand at the core of everything we do, but how well is all of this new code tested? Luckily, autonomous application security is here.

Manipulated Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappropriate content.”

The misbehaving Firefox add-ons were misusing an API that controls how Firefox connects to the internet.