DNS amplification attacks continue to dominate distributed denial-of-service (DDoS) attacks, while mobile devices make up a larger share of traffic. The number of distributed denial-of-service (DDoS) attacks rose 86% in the third quarter compared to a year ago, with amplification attacks using the domain name system (DNS) remaining the most popular technique for attacking targets.
Before getting more scanning tools, think about what’s needed to defend your organization’s environment and devise a plan to ensure all needed tools can work together productively. To effectively manage cyber-risk, organizations need to gain visibility into existing application and infrastructure vulnerabilities while also learning how to manage them proactively. This can feel like an
The application developed by a research group allows users to spot possible IoT security problems. A project at Princeton University is studying IoT devices used in homes and, in the process, has developed a tool that can give individuals a great deal of insight into the IoT activity going on all around them. The Princeton
If the appsec industry were to develop a better AST solution from scratch, what would it look like? As software, aka applications, microservices, and workloads, increasingly moves into the cloud, its protection has become paramount. Recent research highlights this need, pointing to application vulnerabilities as the leading source of security breaches in 2018. The “Verizon
The explosion of consumer-facing online services and applications is making it easier and cheaper for cybercriminals to host malicious content and launch attacks. Online fraud is a subset of cybercrime that typically takes place at the application layer. Although fraud was commonly associated with scams (for instance, Nigerian fraud), fraudulent transactions, and identity theft in
ERP applications such as Oracle and SAP’s are open to exploit and under attack, according to a new report referenced in a US-CERT warning. Enterprise resource planning (ERP) applications from vendors such as Oracle and SAP are under attack and the critical data living inside them is vulnerable to both criminal and nation-state hackers. That’s the