May 11, 2023
Via: The Hacker NewsGitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from inadvertently leaking keys and other secrets in their code. The Microsoft-owned cloud-based repository hosting platform, which began testing the feature […]
May 5, 2023
Via: The Hacker NewsPHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. “The attacker forked each of the packages and replaced […]
Threats & Malware, Virus & Malware
May 3, 2023
Via: Dark ReadingWhen discussing ransomware groups, too often the focus is on their names, such as Noberus, Royal, and AvosLocker, rather than the tactics, techniques, and procedures (TTPs) used in an attack before ransomware is deployed. For example, the particularly heavy use […]
April 17, 2023
Via: The Hacker NewsCloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are […]
April 13, 2023
Via: The Hacker NewsGoogle on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. “While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they’re known and fixed, which […]
April 13, 2023
Via: Dark ReadingWhile an increasingly number of regulations have made the reporting of data breaches mandatory, a majority of IT professionals in the United States say they have been told to keep quiet about an incident, potentially running afoul of legal requirements. […]
March 10, 2023
Via: Help Net Security1Password has launched Unlock with Single Sign-On (SSO) which enables enterprise customers to use Okta for unlocking their 1Password accounts, with Azure AD and Duo integration to follow in the coming months. Unlock with SSO helps IT teams improve their […]
Application security, Security
February 2, 2023
Via: Help Net SecurityWhen it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a […]
October 11, 2022
Via: Joseph SaundersSince its inception, the global pandemic has continued to have a long-lasting impact on how we buy, work, and also how our businesses operate. As such, user behaviour has naturally evolved, leading to developments in customer experience (CX) to meet […]
September 15, 2022
Via: Help Net SecurityThe working landscape has changed forever. Now, with workforces dispersed across hybrid work environments, having the technology to allow employees to operate effectively while staying secure is key for every organization. For the last 33 years, NetSupport Manager has been […]
September 9, 2022
Via: Help Net SecurityN-able has introduced Private Portal, an extra layer of email security to help protect critical business data, to N-able Mail Assure. Private Portal, included with Mail Assure free of charge, sends a notification to recipients when they receive an email […]
August 25, 2022
Via: Help Net SecurityDataMotion has launched the DataMotion No-Code Experience for mobile applications and portals. Examining the current market conditions and the related constraints on enterprise and healthcare development teams, they have created a simpler way to access the DataMotion platform. The No-Code […]
August 12, 2022
Via: Help Net SecurityNetwork professionals feel confident with their security and compliance practices but data suggests that they also leave their organizations open to risk, which is costing a significant amount of revenue, according to Titania. In addition, some businesses are not minimizing […]
August 11, 2022
Via: Help Net SecurityIn Las Vegas, at Black Hat USA 2022, Syxsense announced Syxsense Zero Trust, a module within Syxsense Enterprise that enables endpoint compliance with Zero Trust Network Access policies (ZTNA). Zero Trust initiatives require focus on endpoint protection, but traditional authentication […]
Cloud security, Security, Threats & Malware, Virus & Malware
July 29, 2022
Via: CSO OnlineWhile summer may be vacation season, criminals never take a day off. Researchers are also always busy following their methods and digging into their possible path for exploit. Here are a few interesting research initiatives making headlines this month. When […]
Threats & Malware, Virus & Malware
July 28, 2022
Via: Help Net SecurityUptycs released new cloud detection and response (CDR) capabilities for detecting and remediating sophisticated attacks against cloud infrastructure. The new CDR feature will help organizations detect malicious behaviors such as discovery, privilege escalation, remote code execution, and data exfiltration in […]
Threats & Malware, Virus & Malware
July 28, 2022
Via: Help Net SecurityAccording to a new Tessian report, 30% employees do not think they personally play a role in maintaining their company’s cybersecurity posture. What’s more, only 39% of employees say they’re very likely to report a security incident, making investigation and […]
July 28, 2022
Via: Help Net Security60% of IT security decision makers believe their overall security strategy does not keep pace with the threat landscape, and that they are either lagging behind (20%), treading water (13%), or merely running to keep up (27%), according to a […]
Threats & Malware, Vulnerabilities
July 28, 2022
Via: Security WeekQuestions for Confluence is an application designed to help Confluence users obtain information, share information with others, and to seek counsel from experts when necessary. Tracked as CVE-2022-26138 and considered ‘critical severity’, the issue exists because, when enabled on Confluence […]
July 27, 2022
Via: Help Net SecurityNetApp released Spot Security, delivering a solution for continuous assessment and analysis of cloud security posture. Spot Security enables DevOps and SecOps teams to easily collaborate to identify misconfigurations, reduce their potential attack surface, and ensure compliance. Spot Security’s agentless […]