0-day Flaw Lets Attackers Access to Google Accounts
Astrix’s Security Research Group reported a 0-day flow in the Google Cloud Platform (GCP) related to an OAuth flow exploitation. This method was termed “Ghosttoken.” …
Author: Cybernoz
Detectify’s ISO 27001 certification use case and guide for SaaS companies
An ISO 27001 certification use case from Detectify with the on-demand webinar and a guide to implementation (download ebook): A SaaS start-up can only go…
Anonymous Sudan Targets Israel Intelligence Agency
Mossad Cyber Attack: Anonymous Sudan disrupted the Mossad website with a Distributed Denial of Service (DDoS) attack. Mossad, one of the most prominent intelligent agencies…
AI tools help attackers develop sophisticated phishing campaigns
Phishing scams are a growing threat, and cybercriminals’ methods are becoming increasingly sophisticated, making them harder to detect and block, according to Zscaler report. The…
Donating Bounties to Humanitarian Efforts in Ukraine
In 2020, we launched the Hack for Good program to allow ethical hackers to donate their bounties to charitable causes. With the world’s eyes on…
Microsoft Changed the Taxonomy of Naming the Hacker groups
Microsoft has initiated the naming taxonomy for threat actor groups. Over the years, threat actors have evolved massively, leading to confusion about which threat actor…
The silent killers in digital healthcare
As digital transformation revolutionizes the healthcare industry, its use of API (application programming interfaces) technology is skyrocketing. APIs, which help users and apps interact and…
Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Apr 25, 2023Ravie LakshmananPassword Security / Authentication Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS…
LockBit Hiring: Releases Post For Testers
One of the most malicious cybercriminal groups LockBit, was found sharing a recruitment post on its website on the dark web. The LockBit Hiring statement…
Security Defender Insights: “bad actors are using intelligence and automatic tools, we need to surpass those abilities”
In this new series, Security Defender Insights, Detectify is recognizing Security Defenders in our network to bring you actionable insights and inspiration for your security…
The double-edged sword of open-source software
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming organizations,…
Rethinking the effectiveness of current authentication initiatives
As user credentials continue to be a top vector for cyberattacks, organizations are under tremendous pressure to rethink the effectiveness of current authentication initiatives, according…