Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week.

from Dark Reading https://ift.tt/ncIWyFa
via IFTTT

Creating temporary keys that are not stored in central repositories and time out automatically could improve security for even small businesses.

from Dark Reading https://ift.tt/ZrYgab0
via IFTTT

Developers need to think like WAF operators for security. Start with secure coding and think of Web application firewalls not as a prophylactic but as part of the secure coding test process.

from Dark Reading https://ift.tt/gM05XOr
via IFTTT

Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).

from Dark Reading https://ift.tt/COBrNlT
via IFTTT

Abuse primitives have a longer shelf life than bugs and zero-days and are cheaper to maintain. They’re also much harder for defenders to detect and block.

from Dark Reading https://ift.tt/CGqojUM
via IFTTT

Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available.

from Dark Reading https://ift.tt/Txjg4ly
via IFTTT

NIST SP800-219 introduces the macOS Security Compliance Project (mSCP) to assist organizations with creating security baselines and defining controls to protect macOS endpoints.

from Dark Reading https://ift.tt/604Ta1M
via IFTTT

Balancing public service with fraud prevention requires rule revisions and public trust.

from Dark Reading https://ift.tt/8nEZLXS
via IFTTT

LockBit 3.0 promises to ‘Make Ransomware Great Again!’ with a side of cybercrime crowdsourcing.

from Dark Reading https://ift.tt/RLfjMxD
via IFTTT

Cerby platform emerges from stealth mode to let users automate security for applications outside of the standard IT purview.

from Dark Reading https://ift.tt/kIZ0QFu
via IFTTT