Japan Hit By Another Cryptocurrency Heist – $60 Million Stolen

Japan has been hit by another cryptocurrency heist, with $60 million stolen. Ilia Kolochenko, CEO and Founder at High-Tech Bridge: “Unfortunately, even the harsh regulation of crypto markets is no silver bullet. Digital coins are extremely attractive for cybercriminals who can easily launder them and convert into spendable cash, even in spite of some losses due to “transactional […]

Web Application Firewall: a must-have security control or an outdated technology?

Gartner’s Magic Quadrant (MQ) 2015 for Web Application Firewalls (WAF) estimates that the global WAF market size is as big as $420 million, with 24 percent annual growth, making a Web Application Firewall one of the most popular preventive and/or detective security controls currently being used for web applications. PCI DSS 3.1 requirement 6.6 suggests WAF deployment as an […]

How to Calculate ROI and Justify your Cybersecurity Budget

If you speak with management about money – speak their language and you will definitely get what you need. Almost eight years ago, Bruce Schneier wrote a great article about the problems of ROI calculation for cybersecurity spending within organizations. Since then, both annual spending on cybersecurity and the cost of global cybercrime have significantly increased. Despite […]

Hackers Break into Businesses’ Websites and Apps

A vulnerable web application is just one of the great gifts left for hackers, as it significantly reduces the time, cost and effort they need to get into a corporate network. So why do companies fail to secure their web apps? There are many ways hackers can get at your Web site and data, but in many of the […]

DDoS Attacks: A Perfect Smoke Screen for APTs and Silent Data Breaches

DDoS attacks are increasingly used to distract incident response teams in order to hide much bigger security incidents. During this year alone, many security companies have announced a significant increase in DDoS attacks, highlighting growth in their diversity, complexity and quantity. The main resources usually targeted by the attackers are web applications […]

Can CTF Players Replace Professional Penetration Testers?

I have been asked by several friends who are CISOs within different organizations if Capture the Flag (CTF) experience makes any difference in how I evaluate incoming CVs for internal IT security auditor or similar positions. This complicated question is also one that I ask myself each time I consider incoming CVs for new penetration […]

Which will Rely on to Identify Web Security Issues?

With today’s security risks constantly changing, current web solutions may not be as effective as companies think. Not only do businesses have to compete with other vendors, they also face threats from cyber criminals looking to take advantage of security vulnerabilities they have failed to detect and patch. One answer to cyber threats is continuous […]

Advanced Persistent Threats Still go Unnoticed by Website Owners

The term “Advanced Persistent Threat” fills news pages on a regular basis. According to the ISACA APT Awareness Study, 93.6 per cent of respondents consider APTs to be a “very serious threat” for their companies. However, many “APT” attacks do not really fall under the ‘advanced’ category in terms of the attackers’ sophistication. A very recent exploit, […]

Cybersecurity and Geopolitics are Twisted

What is the relation between growing security spending, increasing hacking attacks and a falling economy? Have you ever thought about how the global economy and geopolitics influence cybersecurity and cybercrime? Some people may think these are two completely different domains; however, they are strongly and permanently related. An interesting example came up during our recent security awareness project at […]