What CISA’s BOD 25-01 Means for API Security and How Wallarm Can Help

The US government has taken another significant step towards strengthening cloud security with the release of CISA’s Binding Operational Directive BOD 25-01. Aimed at improving the security posture of federal cloud environments, BOD 25-01 mandates robust configuration, visibility, and control...

Weak Security Controls and Practices Routinely Exploited for Initial Access

The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory CSA on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise...

DART: the Microsoft cybersecurity team we hope you never meet

If you spent 270 days away from home, not on vacation, you’d want it to be for a good reason. When boarding a plane, sometimes having been pulled out of bed to leave family for weeks on end, I know it’s because one of our customers is in need. It means there is a security compromise and they may ...

Linux: SUID files

When the SUID set user ID bit is set on an executable, it executes with the UID of the owner. This may be intended for some executables. Add files with SUID bit which should be allowed to have this bit set in the preference. This script checks if any other local files than the given have the SUID...

Privacy Fail: Is Uncle Sam Encouraging Bad Security?

CANCUN, MEXICO – A prominent privacy activist says that leading software vendors, and the U.S. government are failing the public when it comes to Internet privacy, and that big changes are needed to prevent consumers from criminals, advertisers and government spies. Christopher Soghoian, a...