The use of mobile phones is expanding worldwide, with approximately 6.65 billion currently in use. As smartphones become ubiquitous, an increasing number of the world’s e-commerce transactions are taking place on mobile devices, leading to the coining of the term “mcommerce” to describe the new method of shopping. eMarketer predicts that by 2024 nearly 70%…
Read More
On November 3, 2022, Sentinel Labs researchers published a report linking the Black Basta Ransomware group to FIN7 (also known as Carbanak) based on shared tactics, techniques, and procedures (TTPs) between Black Basta tools and FIN7 tools. Key Takeaways Key findings for the report include: SentinelLabs researchers describe Black Basta operational TTPs in full detail,…
Read More
According to the U.S Department of Commerce, e-commerce sales in the first quarter of 2022 accounted for 14.3% of total sales. Secure web applications are essential for modern retailers, but many are still struggling to combat common web application risks, including ones such as cross-site scripting and code injection that have been around for years,…
Read More
On November 1, 2022, OpenSSL developers released details of two vulnerabilities: CVE-2022-3786 and CVE-2022-3602. Context In an accompanying blog post, OpenSSL explained that they downgraded the severity of the vulnerabilities to high from the originally announced critical level due to technical barriers to exploitation. No in the wild exploits or proofs of concept (POCs) are…
Read More
WAFs, or web application firewalls, have been around since the late 1990s, becoming popular in the early 2000s when OWASP formalized its top 10 list of application vulnerabilities. WAFs are designed to monitor and block suspicious HTTP traffic from reaching your web applications. This is typically done based on a series of rules that block…
Read More
