By Walter Capitani, Director, Technical Product Management, GrammaTech
Enterprises are spending a pittance on securing their software supply chain, which makes COTS software dangerous β vulnerabilities can be "hidden" in open source components.
Recent attacks involving so-called "right-to-left override" spoofing aimed at Microsoft 365 users show how attackers sometimes modify and improve old methods to try and stay one step ahead of defenders.
With its benefits of deniability, relatively low costs, and the ability to attack from anywhere, cyber terrorism will increasingly threaten civilians everywhere.
Qualys Context XDR provides the security context that operations teams need to eliminate false positives and noise by triangulating risk posture, asset criticality, and threat intelligence.
By Vernon Keenan, Senior Industry Analyst, SalesforceDevops.net
Some companies go too fast when it comes to SaaS, DevOps, and security, but smart developers and implementers will respect some basic guidelines to keep their product safe.
Take a proactive approach to client-side security: Why monitoring your JavaScript programming language is so important to your overall security posture.
The Antlion group, also known as Pirate Panda and Tropic Trooper, has shifted to targeting mainly Taiwan, using custom backdoors against financial organizations.
By Luke Stephens (aka Hakluke), Security Researcher and Detectify Crowdsource Hacker
By utilizing these resources, beginner hackers can find their specific passions within the cybersecurity space and eventually make their own mark in the ethical hacking profession.
New automated offering helps organizations gain comprehensive visibility across IT environments, continuously monitor for vulnerabilities, operationalize threat intelligence and manage risk.
The US Department of Homeland Security has named a 15-member review board to assess significant cybersecurity events and recommend improvements - starting with the Log4J vulnerability.
The acquisition enables distributed teams to connect to remote or cloud infrastructure in a hyper-secure, agentless and passwordless way without a VPN.
By Lech Sandecki, Product Strategy Manager, Canonical, the publisher of Ubuntu
Practical steps companies can take to defend their critical infrastructure and avoid the financial and reputational damage that could result from a breach.
As companies shift more operations to the cloud, a shortfall in security talent and too much security data wastes more than half of the time spent on security issues, a survey finds.
By Austin Murphy, vice-president of managed services, CrowdStrike
Enterprises interested in managed detection and response (MDR) services to monitor endpoints and workloads should make sure the providers have rock-solid expertise in detecting and responding to threats.
The acquisition positions Vectra to help customers securely configure and detect active threats in cloud identity and SaaS applications, including Microsoft Azure AD and Microsoft 365.