Top

Tag: Security


Access control, Security

GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets

May 11, 2023

Via: The Hacker News

GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from inadvertently leaking keys and other secrets in their code. The Microsoft-owned cloud-based repository hosting platform, which began testing the feature […]


Data loss, Threats & Malware

Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised

May 5, 2023

Via: The Hacker News

PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. “The attacker forked each of the packages and replaced […]


Threats & Malware, Virus & Malware

Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks

May 3, 2023

Via: Dark Reading

When discussing ransomware groups, too often the focus is on their names, such as Noberus, Royal, and AvosLocker, rather than the tactics, techniques, and procedures (TTPs) used in an attack before ransomware is deployed. For example, the particularly heavy use […]


Cloud security, Security

What’s the Difference Between CSPM & SSPM?

April 17, 2023

Via: The Hacker News

Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are […]


Access control, Security

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

April 13, 2023

Via: The Hacker News

Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. “While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they’re known and fixed, which […]


Privacy protection, Security

Majority of US IT Pros Told to Keep Quiet About Data Breaches

April 13, 2023

Via: Dark Reading

While an increasingly number of regulations have made the reporting of data breaches mandatory, a majority of IT professionals in the United States say they have been told to keep quiet about an incident, potentially running afoul of legal requirements. […]


Access control, Security

1Password Unlock with SSO helps enterprises secure their employees

March 10, 2023

Via: Help Net Security

1Password has launched Unlock with Single Sign-On (SSO) which enables enterprise customers to use Okta for unlocking their 1Password accounts, with Azure AD and Duo integration to follow in the coming months. Unlock with SSO helps IT teams improve their […]


Application security, Security

The emergence of trinity attacks on APIs

February 2, 2023

Via: Help Net Security

When it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a […]


Editorial

5 Strategies for Balancing Security, Acquisition, and Support Costs Without Sacrificing CX

October 11, 2022

Via: Joseph Saunders

Since its inception, the global pandemic has continued to have a long-lasting impact on how we buy, work, and also how our businesses operate.  As such, user behaviour has naturally evolved, leading to developments in customer experience (CX) to meet […]


Privacy protection, Security

NetSupport Manager 14 protects data in the hybrid work environment

September 15, 2022

Via: Help Net Security

The working landscape has changed forever. Now, with workforces dispersed across hybrid work environments, having the technology to allow employees to operate effectively while staying secure is key for every organization. For the last 33 years, NetSupport Manager has been […]


Email security, Security

N-able Private Portal adds an extra layer of security for sensitive and business-critical emails

September 9, 2022

Via: Help Net Security

N-able has introduced Private Portal, an extra layer of email security to help protect critical business data, to N-able Mail Assure. Private Portal, included with Mail Assure free of charge, sends a notification to recipients when they receive an email […]


Mobile, Mobile security

DataMotion No-Code Experience delivers secure content exchange to the customers

August 25, 2022

Via: Help Net Security

DataMotion has launched the DataMotion No-Code Experience for mobile applications and portals. Examining the current market conditions and the related constraints on enterprise and healthcare development teams, they have created a simpler way to access the DataMotion platform. The No-Code […]


Network security, Security

The impact of exploitable misconfigurations on network security

August 12, 2022

Via: Help Net Security

Network professionals feel confident with their security and compliance practices but data suggests that they also leave their organizations open to risk, which is costing a significant amount of revenue, according to Titania. In addition, some businesses are not minimizing […]


Access control, Security

Syxsense Zero Trust enables security teams to build access policies and remediation workflows

August 11, 2022

Via: Help Net Security

In Las Vegas, at Black Hat USA 2022, Syxsense announced Syxsense Zero Trust, a module within Syxsense Enterprise that enables endpoint compliance with Zero Trust Network Access policies (ZTNA). Zero Trust initiatives require focus on endpoint protection, but traditional authentication […]


Cloud security, Security, Threats & Malware, Virus & Malware

July was a hot month for cybersecurity research

July 29, 2022

Via: CSO Online

While summer may be vacation season, criminals never take a day off. Researchers are also always busy following their methods and digging into their possible path for exploit. Here are a few interesting research initiatives making headlines this month. When […]


Threats & Malware, Virus & Malware

Uptycs releases new CDR functionality to help organizations detect malicious behaviors

July 28, 2022

Via: Help Net Security

Uptycs released new cloud detection and response (CDR) capabilities for detecting and remediating sophisticated attacks against cloud infrastructure. The new CDR feature will help organizations detect malicious behaviors such as discovery, privilege escalation, remote code execution, and data exfiltration in […]


Threats & Malware, Virus & Malware

1 in 3 employees don’t understand why cybersecurity is important

July 28, 2022

Via: Help Net Security

According to a new Tessian report, 30% employees do not think they personally play a role in maintaining their company’s cybersecurity posture. What’s more, only 39% of employees say they’re very likely to report a security incident, making investigation and […]


Cyber-crime, Identity theft

84% of organizations experienced an identity-related breach in the past 18 months

July 28, 2022

Via: Help Net Security

60% of IT security decision makers believe their overall security strategy does not keep pace with the threat landscape, and that they are either lagging behind (20%), treading water (13%), or merely running to keep up (27%), according to a […]


Threats & Malware, Vulnerabilities

Exploitation of Recent Confluence Vulnerability Underway

July 28, 2022

Via: Security Week

Questions for Confluence is an application designed to help Confluence users obtain information, share information with others, and to seek counsel from experts when necessary. Tracked as CVE-2022-26138 and considered ‘critical severity’, the issue exists because, when enabled on Confluence […]


Cloud security, Security

NetApp Spot Security identifies and assesses cloud security posture risks

July 27, 2022

Via: Help Net Security

NetApp released Spot Security, delivering a solution for continuous assessment and analysis of cloud security posture. Spot Security enables DevOps and SecOps teams to easily collaborate to identify misconfigurations, reduce their potential attack surface, and ensure compliance. Spot Security’s agentless […]