Sixty-two percent of security leaders around the world surveyed by Radware reported having at least a third of APIs that are undocumented, even though 92% believed having sufficient API protection, indicating the prevalence of a false sense of security in APIs, according to VentureBeat.
BleepingComputer reports that forced updates have been implemented for WordPress sites leveraging the Ninja Forms plugin, which was discovered by Wordfence researchers to be impacted by a critical code injection flaw that could be exploited to facilitate site takeovers.
On the heels of a White House Cybersecurity Executive Forum, HHS HC3 is urging the healthcare sector to make use of free resources to improve risk assessments and overall cyber resiliency.
The U.S. government has been urged by House Armed Services Committee Chairman Adam Smith, D-Wash., to significantly increase investments in upgrading national security communications and software to ensure that they are adequately protected against cybersecurity threats, CyberScoop reports. "We're talking about software systems that, you know, operate our missiles and our ships and everything, they just don't, they are not as protected as they should be.
Two-thirds of companies impacted by cybercrimes during the past year experienced more than one attack, 10% of whom had been attacked at least 10 times, reports ZDNet.
Hello XD ransomware has been updated to include a new encryptor with algorithm modifications and custom packing to further evade detection, according to BleepingComputer
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
