Checkmarx study reveals high risk of vulnerabilities developed in-house
Savvy Seahorse lures victims to fake investment platforms through Facebook ads
CISO news
Checkmarx study reveals high risk of vulnerabilities developed in-house
heckmarx , the leader in cloud-native application security , has released the annual Future of AppSec Report , which gives
C an in-depth look at the current state of application security , future investments and organisations ’ most critical application security concerns .
The study reveals that 92 % of companies surveyed had experienced a breach in the prior year due to vulnerabilities of applications developed in-house .
In recent years the responsibility for application security has shifted away from dedicated security teams and is now shared between AppSec managers and developers . In the Future of AppSec study , 49 % of respondents said that their developers were involved in key AppSec solution purchases , 41 % said that AppSec managers were involved and 40 % of respondents indicated CISO involvement .
“ The mitigation of AppSec risk is becoming a shared responsibility at a time when cloud-native applications are deployed multiple times each day ,” said Amit Daniel , Chief Marketing Officer at Checkmarx . “ Enterprise CISOs are coming to Checkmarx looking for a way to gain visibility into the security posture of their entire organisational footprints . Our goal is to provide them with that visibility as a way of building what we call ‘ DevSecTrust ,’ or trust between developers and security that can help bring their AppSec maturity to a whole new level .”
Savvy Seahorse lures victims to fake investment platforms through Facebook ads
I nfoblox has released a report unmasking Savvy Seahorse as a leading perpetrator of online cybercriminal investment scam websites .
The threat actor has operated in the shadows since at least 2021 and its target victims include people in Australia and New Zealand . criminals work very hard to create convincing platforms and stories . They prey on the hope we all have to catch a lucky break in life .”
In Australia , the Australian Competition and Consumer Commission ( ACCC ) has reported investment scams were responsible for almost half of the A $ 3.1 billion Australians lost to scams in 2022 .
Savvy Seahorse uses Facebook ads to lure in victims and convince them to open accounts , make deposits and invest in companies .
Once deposited , the cybercriminal gang then transfers the funds to a bank in Russia .
Its tactics , techniques , and procedures ( TTPs ) also include ChatGPT and WhatsApp bots imitating online webchats to encourage victims inquiring about the investment platforms .
Renée Burton , Head of Threat Intelligence , Infoblox , and a former NSA Senior Executive , said : “ Criminals use social engineering to fool people ; it is their job , and they are very good at it .
“ While we might be surprised that people have their life savings stolen from them , we shouldn ’ t shame victims for being fooled . These
Renée Burton , Head of Threat Intelligence , Infoblox
6 WWW . INTELLIGENTCISO . COM