Maria Korolov

Contributing Writer

Maria Korolov has been covering emerging technology and emerging markets for the past twenty years. She has reported from Russia, India, and Afghanistan, and recently returned to the United States after running a news bureau in China for five years

What you need to know about the new OWASP API Security Top 10 list

Directory traversal explained: Definition, examples and prevention

Directory traversal explained: Definition, examples and prevention

In a path traversal attack, also known as directory traversal, an attacker enters information in a web form, URL address line, or another input method that gives them access to a file or directory that they shouldn't have access to....

7 ways 5G mobile networks will change IoT security, and how to prepare

7 ways 5G mobile networks will change IoT security, and how to prepare

Every internet of things security issue will be greatly magnified in a 5G environment. Address these seven areas before you deploy your own.

Best antivirus software: 12 top tools

Best antivirus software: 12 top tools

These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance and usability.

California Consumer Privacy Act (CCPA): What you need to know to be compliant

California Consumer Privacy Act (CCPA): What you need to know to be compliant

California's new privacy law, AB 375, might not burden security as much as the GDPR, but details are subject to change.

Business email compromise attacks cost millions, losses doubling each year

Business email compromise attacks cost millions, losses doubling each year

Cybercriminals follow the money, and you need look no further than Toyota Boshoku's recent $37 million loss to see why many are turning to BEC scams.

Rich PII enables sophisticated impersonation attacks

Rich PII enables sophisticated impersonation attacks

Hackers are now using rich personally identifying information, including device types and browser versions, cookies and web histories, and even voice recordings to gain account access or commit fraud.

How secure are your AI and machine learning projects?

How secure are your AI and machine learning projects?

Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how several companies have minimized their risk.

6 ways cybercriminals use commercial infrastructure

6 ways cybercriminals use commercial infrastructure

Whether through fraud or legitimate purchase, cybercriminals increasingly depend on mainstream services to support their activities.

6 lessons from Venmo’s lax approach to API security

6 lessons from Venmo’s lax approach to API security

Cyber criminals are targeting application programming interfaces to steal sensitive data. Recent exposures and hacks at companies like Venmo, Facebook and Google present lessons to improve API security.

How to close SIEM visibility gaps created by legacy apps

How to close SIEM visibility gaps created by legacy apps

It's often difficult to make log files and other data from legacy applications accessible to security information and event management systems. Here are some options for improving visibility.

What is a botnet? When armies of infected IoT devices attack

What is a botnet? When armies of infected IoT devices attack

A botnet is a collection of internet-connected devices that an attacker has compromised. Commonly used in distributed denial of service (DDoS) attacks, botnets can also take advantage of their collective computing power to send large...

Load More