We are thrilled to announce Polaris now supports DNSSEC — domains protected by Polaris would be able to implement DNSSEC, an extra security feature to enhance their web security. With a few simple steps, you would be able to ensure that traffic to your site is now even more secure. Read on to find out why this is important!
DNS or Domain Name System is often referred to as the phonebook of the internet. It matches IP addresses to domain names and helps users connect to websites when they enter the domain names into their browsers. However, DNS was first…
Threat intelligence is the advanced information used by organisations to understand and defend against cyber threats. With threat intelligence, organisations are able to make faster, better judgements in their cybersecurity functions before a potential breach occurs.
With remote working being the new norm since the onset of the COVID-19 pandemic, we rely on technology more than ever. However, this reliance on technology has led to cybercriminals to exploit this lucrative opportunity and they have ramped up their game. In 2020, 91% of enterprises had experienced an increase in cyberattacks with more employees working from home, according to VMware Carbon Black.
A brute-force attack uses the trial-and-error method to attempt all possible usernames and passwords to obtain correct combinations. It is usually carried out by scripts or bots that target a platform’s login page, with Content Management Systems like WordPress being favoured targets. Simple and popular, brute force is used by cybercriminals to crack passwords and encryption keys.
Due to its popularity, there are different methods of brute-force attacks.
As we usher in the new year of 2021, many opportunities and unknown challenges await enterprises. This includes cybersecurity and with its constantly evolving nature, it is essential for businesses to build and maintain a strong cybersecurity posture to defend against emerging threats.
Here are five cybersecurity forecasts to take note:
Until mass vaccinations occur, remote working is here to stay in 2021. Cybercriminals will continue to exploit the vulnerabilities of remote working such as the security gaps in company networks and infrastructure.
Workers will continue to be a prime target. With many still working from home and using numerous…
2020 is fast coming to an end and it definitely has been a strange year for many. Amid the chaos, the pandemic has also provided plentiful opportunities for cybercriminals to plan and launch attacks against organisations, with 80% of businesses reporting an increase of cyberattacks.
We sum up the top 3 types of cyberattacks this year:
The common pre-pandemic tactic has seen a spike in numbers caused by COVID-19. According to Microsoft, among the millions of targeted messages observed, approximately 60,000 phishing emails included COVID-19 related malicious attachments or URLs in April 2020. The growing sophistication in phishing ploys indicates…
SQL injection (SQLi) is a form of cybersecurity attack that occurs when cybercriminals insert a malicious SQL code into a company’s backend database. The hackers’ code tricks the system into executing a command to provide criminals unauthorised access, allowing them to modify, delete and retrieve confidential data from your database. What results are costly damages to business such as data breaches or huge financial loss from manipulated data from e-commerce checkouts and credits.
With the widespread usage of SQL to manage data in relational database management systems, SQLis will continue to rank as one of the top 10 web security…
A zero-day vulnerability is a security flaw that has yet to be exploited for cyberattacks and no security fixes are available to correct the vulnerability.
When a security vulnerability is discovered, users will usually report it to the developer. Developers then promptly create a solution to patch up the flaw. However, users may also choose to inform others about the security bug on forums or websites on the dark web, making the information confidential from companies. If software developers are not quick enough, this information can be picked up hackers first, who would launch an attack on the program. …
Credential stuffing is an emerging form of cyber threat that is increasingly popular with attackers. Big companies like Spotify and the North Face have fallen victim to credential stuffing. In 2020, up to 350,000 Spotify accounts were hacked and the North Face’s customer base had their sensitive information such as names, birthdays, telephone numbers, billing and shipping addresses leaked.
Malware is a malicious software or code, aimed at causing intentional damage to computers and networks.
Malware is often used as the first step to conduct cyberattacks. An unsuspicious employee may unwittingly download and execute a malware, resulting in devastating consequences.
Common Types of Malware
Virus: A malicious code that can replicate itself and spread to other computers. When executed, it can damage files and even destroy data. Viruses can spread to other devices via a program such as an email attachment.
A data breach involves unauthorised personnel gaining access to confidential and sensitive information. Also known as data leaks, such incidents can occur unintentionally or intentionally. To date, the most notorious events include attacks on Yahoo (2013) and Facebook (2019), where millions of users’ data were compromised.
How Do Data Breaches Occur?
Data breaches can be executed by insiders (such as disgruntled employees) or via external attacks. When your server is not fully secure, hackers take advantage of the loopholes and vulnerabilities, and launch cyberattacks.
Hackers use a variety of techniques to infiltrate networks by making use of their flaws. Malwares…