The Java programming language offers a seamless and elegant way to store and retrieve data. However, without proper input validation and safeguards in place, your application can be vulnerable to unsafe deserialization vulnerabilities. In a best-case scenario, deserialization vulnerabilities may simply cause data corruption or application crashes, leading to a denial of service (DoS) condition….

BreachQuest is building a SaaS platform, named PRIORI, that aims to modernize incident response by providing automated end-to-end readiness and response capabilities. The company says its product can provide enhanced visibility, continuously monitoring systems in an effort to detect threats. When a threat has been detected, the platform provides detailed information in order to enable…

The first thing to ask before we talk about digital transformation, is what the heck does “digital transformation” even mean? The reality is that there isn’t a standard definition. Every company is going to have a slightly different path. Many people have different opinions on what it stands for. But the fact that the phrase…

In a notification letter filed with the Maine Attorney General’s Officer, the company said personal information of roughly 6500 individuals was compromised during a ransomware attack that was identified in mid-June. An investigation launched into the incident, the company says, has revealed that the attackers first compromised SAC Wireless’ systems in April 13. The threat…

New research from Palo Alto Networks’ Unit 42 has identified four emerging ransomware groups that have the potential to become bigger problems in the future. These are AvosLocker, Hive Ransomware, HelloKitty, and LockBit 2.0. Emerging ransomware threat groups “With major ransomware groups such as REvil and Darkside lying low or rebranding to evade law enforcement…

Data breaches like ransomware can be catastrophic for some businesses. Not only do affected organizations lose revenue from the downtime that occurs during the incident, the post-breach costs can be significant. These costs can include everything from the time and resources it takes to detect how the compromise occurred and remediate the actual threat to…

Last Saturday the Cybersecurity and Infrastructure Security Agency issued an urgent warning that threat actors are actively exploiting three Microsoft Exchange vulnerabilities—CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. These vulnerabilities can be chained together to remotely execute arbitrary code on a vulnerable machine. This set of Exchange vulnerabilities is often grouped under the name ProxyShell. Fixes were available…

T-Mobile has confirmed a data breach that impacted nearly 50 million people, including current, former and prospective subscribers. The exposed details differed across different types of customers, so the level of risk users are exposed to varies. Victims of the T-Mobile or any other breach where personal data is stolen should be aware of follow-on…