Aggregator
Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities
Executive Summary. Research by Erez Goldberg. Server-Side Template Injection (SSTI) vulnerabilities refer to weaknesses in web applications which attackers can exploit to inject malicious code into server-side templates. This allows them to execute arbitrary commands on the server, potentially leading to unauthorized data access, server compromise, or exploitation of additional vulnerabilities. Recently, SSTI vulnerabilities are […]
The post Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities appeared first on Check Point Research.
Akamai Guardicore Platform: Microsegmentation Just Got a Whole Lot Better
How UCaaS Performance Is Shaping the Digital Experience
High-Risk Cloud Exposures Surge Due to Rapid Service Growth
X accused of unlawfully using personal data of 60 million+ users to train its AI
G.Skill launches ultra-low-latency DDR5-6400 memory modules with a CAS latency of just 30
Active Cyber Defence 2.0: When government deception is a victory
0.0.0.0 Day, the “of-age” vulnerability affecting the major browsers
EastWind campaign: new CloudSorcerer attacks on government organizations in Russia
BYOVDLL – A New Exploit That Is Bypassing LSASS Protection
In July 2022, Microsoft patched a well-known PPL bypass flaw, initially discovered by Ionescu and Forshaw. The flaw allowed protection circumvention without kernel code execution, and the update broke the PPLdump PoC. SCRT Team researchers at Orange Cyberdefense recently discovered a new exploit that enables threat actors to bypass LSASS protection. This new exploit was […]
The post BYOVDLL – A New Exploit That Is Bypassing LSASS Protection appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
Your name could be the reason your email gets hacked
Iranian APT42 Actors Conducting World Wide Surveillance Operations
APT42 (aka Damselfly, UNC788, CALANQUE, Charming Kitten) is a sophisticated Iranian state-sponsored cyber espionage group. This Advanced Persistent Threat (APT) group is known for its ability to carry out long-term and focused digital surveillance campaigns. The major targets of such actions are often government bodies, defense contractors, and critical infrastructure. Cybersecurity researchers at Cyfirma recently […]
The post Iranian APT42 Actors Conducting World Wide Surveillance Operations appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
Earth Baku Using Customized Tools To Maintain Persistence And Steal Data
Earth Baku, an APT actor who initially focused on the Indo-Pacific region, has grown its activities extensively since late 2022. The group has increased its presence in Europe, the Middle East, and Africa (MEA), having also confirmed engagements in Italy, Germany, UAE and Qatar. Cybersecurity researchers at Trend Micro recently discovered that Earth Baku has […]
The post Earth Baku Using Customized Tools To Maintain Persistence And Steal Data appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
Face Check With Microsoft Entra Verified ID Is Now Generally Available, Microsoft
Microsoft announced that Face Check with Microsoft Entra Verified ID is now generally available. It is available standalone and as part of the Microsoft Entra Suite, a comprehensive identity solution that combines network access, identity protection, governance, and identity verification features to provide Zero Trust access. Notably, earlier this year, the business provided a public […]
The post Face Check With Microsoft Entra Verified ID Is Now Generally Available, Microsoft appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges
Golddigger And Gigabud Android Malware Attacking Airlines Customers
Gigabud, an Android banking trojan impersonating government entities, initially targeted Thailand, the Philippines, and Peru. Its source code significantly overlaps with Golddigger, another Android banking trojan targeting Vietnam. It indicates a shared threat actor who has expanded Gigabud’s scope to include Bangladesh, Indonesia, Mexico, South Africa, and Ethiopia, demonstrating increased sophistication and geographic targeting. Researchers […]
The post Golddigger And Gigabud Android Malware Attacking Airlines Customers appeared first on Cyber Security News.
Media, activists, former US diplomat were on Russia-aligned phishing campaigns' hit lists
Time is of the Essence: Shrinking MTTR in API Security
In the fast-paced world of cybersecurity, every second counts. When an API attack occurs, the speed at which your security team can detect, understand, and respond to the threat can mean the difference between a minor incident and a major data breach. This is where Mean Time to Resolve (MTTR) comes into play. MTTR is a key performance indicator (KPI) that measures the average time it takes to resolve a security incident, from the moment it's detected to the point where it's fully mitigated.
The Importance of MTTR in API Security
APIs are vital for modern applications as they enable smooth communication and data exchange. However, they also pose a significant security risk. API attacks can result in data breaches, service disruptions, and financial losses. The longer an attack remains undetected and unresolved, the more severe the potential damage.
A high MTTR indicates that your security team is struggling to keep up with the pace of attacks. This may be due to a variety of factors, including:
- Alert overload: Many security tools produce an overwhelming number of alerts, making it difficult for analysts to identify and prioritize legitimate threats.
- Lack of context: Without sufficient context about an attack, understanding its scope and impact can be challenging, which can lead to response delays.
- Manual processes: Depending on manual processes for incident response can be time-consuming and prone to errors.
The Salt Security Platform is designed to help organizations minimize MTTR and improve their API security incident response capabilities. The platform achieves this through several key features.
- High-Fidelity Alerts: Our AI-infused API security platform generates fewer, high-fidelity alerts that are more likely to indicate actual threats. This reduces alert fatigue and enables analysts to focus on the most critical incidents.
- Rapid Investigation Tools: Salt offers powerful investigation tools to aid analysts in rapidly comprehending the context and impact of an attack. These tools include features such as attack timelines, attacker profiles, and API-specific insights.
- Automated Response: We facilitate automated attack blocking and resolution, reducing the necessity for manual intervention and expediting incident response. Additionally, we seamlessly integrate with other security tools, such as SIEMs.
- LLM-driven Attacker Insights: The Salt Security platform uses a custom-built large language model to automatically create detailed profiles of attacker behavior, including their origins, methods, targets, and potential motivations. This gives security teams valuable intelligence for quick and decisive action, improving their ability to understand and respond to API threats effectively. The insights from the language model can help analysts quickly understand the nature of an attack, even if they are unfamiliar with the specific techniques being used, further reducing MTTR (Mean Time to Respond).
By reducing MTTR, Salt Security helps organizations:
- Minimize the impact of attacks: Faster incident response means less time for attackers to exploit vulnerabilities and cause damage.
- Improve operational efficiency: Salt Security streamlines incident response processes, freeing security teams to focus on other critical tasks.
- Enhance overall security posture: A lower MTTR demonstrates a strong security posture and a commitment to protecting critical assets.
In the context of API security, time is of the essence. Salt Security's AI-infused platform focuses on reducing MTTR by providing high-quality alerts, faster investigation capabilities, automated responses, and AI-powered insights into attackers. This allows organizations to deal with threats promptly and effectively. Doing so not only minimizes the impact of attacks but also enhances their overall security posture, ensuring the protection of their valuable APIs.
If you want to learn more about Salt and how we can help you on your API Security journey through discovery, posture management, and run-time threat protection, please contact us, schedule a demo, or check out our website.
The post Time is of the Essence: Shrinking MTTR in API Security appeared first on Security Boulevard.