Traceable AI announced the appointment of Richard Bird as Chief Security Officer (CSO). In this role, he will lead Traceable’s internal data security efforts and provide his unparalleled cybersecurity expertise to propel Traceable’s mission to secure APIs across the globe…
Category: Help Net Security
CoreStack acquires Optio3 to boost digital transformation for enterprises
CoreStack announced the company’s acquisition of Optio3, an AI-powered operations management company based in Seattle, WA. As a result, CoreStack will acquire 100 percent of Optio3’s technology and IP and will integrate Optio3 team into the CoreStack team. Optio3 Co-founder…
MS SQL servers are getting hacked to deliver ransomware to orgs
Cybercriminals wielding the FARGO (aka Mallox, aka TargetCompany) ransomware are targeting Microsoft SQL (MS SQL) servers, AhnLab’s ASEC analysis team has warned. They haven’t pinpointed how the attackers are getting access to the targeted servers, but noted that typical attacks…
Scams targeting crypto enthusiasts are becoming increasingly common
Group-IB has noted a fivefold increase in the number of domains used for crypto giveaway scams that involve fake YouTube streams in the first half of 2022. This Help Net Security video reveals how crypto giveaway scams have evolved into…
The various ways ransomware impacts your organization
Despite increased investment in tools to fight ransomware, 90% of organizations were affected by ransomware in some capacity over the past 12 months, according to SpyCloud’s 2022 Ransomware Defense Report. Allocation of security budgets Respondents ranked the risk of attack…
The key differences between a business continuity plan and a disaster recovery plan
In this Help Net Security video, Chip Gibbons, CISO at Thrive, illustrates the differences between a business continuity plan and a disaster recovery plan. While these terms are often used interchangeably, there are important differences and it’s critical to have…
Making a business case for security in a world of tightening budgets
With talk of a possible recession approaching (if one isn’t already upon us), many businesses are already applying a higher level of scrutiny to spending—even for business-critical costs like cybersecurity. As budgets begin to tighten, security and IT leaders need…
Why zero trust should be the foundation of your cybersecurity ecosystem
For cybersecurity professionals, it is a huge challenge to separate the “good guys” from the “villains”. In the past, most cyberattacks could simply be traced to external cybercriminals, cyberterrorists, or rogue nation-states. But not anymore. Threats from within organizations –…
Open source projects under attack, with enterprises as the ultimate targets
Sonatype has found a massive year-over-year increase in cyberattacks aimed at open source projects. According to early data from Sonatype’s 8th annual State of the Software Supply Chain Report, an average 700% jump in cyberattacks against open source projects/repositories has…
HBC selects Veeam to improve data protection and ransomware resilience
Veeam Software announced that HBC, a holding company of investments and businesses that operates at the intersection of technology, retail operations and real estate, has chosen Veeam Availability Suite to centralize data protection on premises and across clouds. Veeam helps…
MITRE and Department of Defense announce FiGHT framework to enhance 5G security
MITRE and the Department of Defense (DoD) announced the launch of the FiGHT (5G Hierarchy of Threats) adversarial threat model for 5G systems. FiGHT empowers organizations to, for the first time, reliably assess the confidentiality, integrity, and availability of 5G…
David Alexander joins Everbridge as CMO
David Alexander as Chief Marketing Officer at Everbridge is responsible for leading the global strategy and vision for the Everbridge brand, and the go-to-market motions for the Company’s market-leading Critical Event Management (CEM) product suite. David reports to Executive Vice…
To encrypt or to destroy? Ransomware affiliates plan to try the latter
Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims’ data. Targeting the data Researchers from Symantec, Cyderes and Stairwell have recently analyzed a new version of the Exmatter data exfiltration tool…
RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)
Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix to customers who have automatic installation of hotfixes enabled. If this news triggers a feeling of déjà vu, there’s a…
How the CIO’s relationship to IT security is changing
In this Help Net Security video, Joe Leonard, CTO at GuidePoint Security, illustrates how the role of the CIO is changing as cybersecurity priorities and responsibilities are creeping into the job description. Globally, CIOs find it most difficult to solve…
3 ways to gauge your company’s preparedness to recover from data loss
Use these three questions to assess your company’s preparedness to retrieve lost data. 1. Do you have backups of your data? This fundamental question is the basis of your reaction and remediation strategy. Without a backup, data loss is inevitable.…
CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++
Fuzz testing helps developers protect their applications against memory corruptions, crashes that cause downtime, and other security issues, including DoS and uncaught exceptions. Code Intelligence has open-sourced a new security tool, CI Fuzz CLI, which lets developers run coverage-guided fuzz…
Introducing the book: Project Zero Trust
In this Help Net Security video interview, George Finney, CSO at Southern Methodist University, talks about his latest book – “Project Zero Trust: A Story about a Strategy for Aligning Security and the Business“. Presented in the form of a…
How confident are IT pros in their tech career?
SolarWinds unveils the results of its survey examining the state of the technology job market amid industry-wide labor shortages and hiring challenges. Released to coincide with the eighth-annual IT Pro Day holiday, the survey found despite a potential economic downturn,…
Phishing attacks skyrocketing, over 1 million observed
The APWG’s Phishing Activity Trends Report reveals that in the second quarter of 2022, the APWG observed 1,097,811 total phishing attacks — the worst quarter for phishing that APWG has ever observed. The total for June was 381,717 attacks or…
Authomize expands REST API framework to provide in-depth visibility into the IAM permission models
Authomize has expanded its REST API framework that enables customers to easily build their own custom connectors to their cloud and homegrown applications and services in as little as a couple of hours. Authomize’s Software-as-a-Service (SaaS) solution enables organizations to…
Week in review: Revolut data breach, ManageEngine RCE flaw, free Linux security training courses
GTA 6 in-development footage leaked American video game publisher Rockstar Games has suffered an unfortunate data leak: someone has released online in-development footage/videos for Grand Theft Auto (GTA) 6, the eagerly anticipated instalment of the popular game. Uber says Lapsus$…
Kyndryl and Elastic expand partnership to help users enhance data-driven digital transformation initiatives
Kyndryl and Elastic, the company behind Elasticsearch, have expanded global partnership to provide customers full-stack observability, enabling them to accelerate their ability to search, analyze and act on machine data (IT data and business data) stored across hybrid cloud, multi-cloud…
DocuSign hires Allan Thygesen as CEO
DocuSign announced that the Company’s Board of Directors has hired Allan Thygesen as Chief Executive Officer. Allan Thygesen will assume the strategic leadership of the company and a role on DocuSign’s board of directors, effective October 10th. Mary Agnes “Maggie”…
IBM acquires Dialexa to provide end-to-end digital transformation services for clients
IBM plans to acquire Dialexa, to help companies drive innovation and achieve their digital growth agendas. The acquisition is expected to deepen IBM’s product engineering expertise and provide end-to-end digital transformation services for clients. Dialexa will be the sixth acquisition…
BigID provides Snowflake customers with accelerated security controls
BigID has announced native data security controls for Snowflake, alongside becoming the first Snowflake partner to achieve Snowflake Ready Technology Validation in both “Data Security” and “Data Cataloging”. BigID provides Snowflake customers with simplified access control, a data-centric approach to…
Moshe Bar joins AlmaLinux Board of Directors
Codenotary CEO and chairman, Moshe Bar was elected to the board of the AlmaLinux OS Foundation, which stewards the community owned and governed open source CentOS replacement. Codenotary is a gold sponsor of AlmaLinux and uses the distribution extensively throughout…
SecurityScorecard appoints Susan M. Gordon to Board of Directors
SecurityScorecard has unveiled that The Honorable Susan M. Gordon, former Principal Deputy Director of U.S. National Intelligence, has been appointed to its Board of Directors as an independent director. Gordon was the second-most senior intelligence official in the U.S., where…
Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities (KEV) Catalog. The details of in-the-wild exploitation of…
Risk management focus shifts from external to internal exposure
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, application development and mobile app security, social engineering and phishing, and PCI- and FedRAMP-specific findings, with data segmented…
Tackling the weaknesses of smart buildings’ technology
Like any other innovation, the integration of IoT technology in smart buildings will bring benefits as well as more and newer risks. The market for smart building technologies continues to grow at even faster rates. By 2020, 1.7B connected devices…
New infosec products of the week: September 23, 2022
Here’s a look at the most interesting products from the past week, featuring releases from 42Crunch, Cloudflare, Code42, Commvault, and Onfido. Code42 Incydr enhanced detection monitors Git to protect source code and avoid IP theft Code42 has enhanced source code…
How to keep public cloud data secure
Nearly two-thirds of respondents to a recent Laminar survey said they currently have data resident in the public cloud (Amazon Web Services, Microsoft Azure, or Google Cloud Platform). At the same time, only 40.3% said that they had a public…
How does identity crime affect victims?
The Identity Theft Resource Center (ITRC) has published a research that shows nearly 40 percent of ITRC victims say their personal information was stolen, compromised or misused in the past year. The report goes beyond the known financial implications of…
Mitigating the cybersecurity crisis for the school year ahead
As students head back into the classroom, K-12 district leaders are faced with the difficult task of preventing and mitigating cybersecurity threats against their districts. School systems have become a popular target for cybercriminals over the last few years due…
Platform9 Arlon allows developers to deploy and configure a large number of clusters
Platform9 launches its latest open source project, Arlon. Arlon defines a unified architecture that leverages GitOps, declarative APIs, and Kubernetes to manage and reconcile state of both infrastructure (clusters and underlying resources) as well as workloads (apps and configurations). Arlon…
Secure Code Warrior Coding Labs helps developers advance their secure coding skills
Secure Code Warrior has unveiled Coding Labs, a new mechanism that allows developers to more easily move from learning to applying secure coding knowledge, leading to fewer vulnerabilities in code. This marks the first time a coding-specific platform has enabled…
ServiceNow unveils new features in Now Platform Tokyo to increase business resilience for organizations
ServiceNow has released even more solutions within the Now Platform Tokyo designed to supercharge operational intelligence and trust. In addition to ServiceNow Vault, ServiceNow is releasing new AI-powered features and developer and risk management tools to help organizations operate more…
Orange and Netskope partner to protect enterprise customers from data loss
Orange Business Services, Orange Cyberdefense, and Netskope, have formed a partnership to deliver a new SSE (Security Service Edge) solution embedded into the Orange Telco Cloud Platform. The enhanced solution is designed to deliver optimal performance with maximized security, meaning…
Phosphorus and Dewpoint collaborate to deliver a new generation of xIoT security solutions
Phosphorus has announced a partnership with Dewpoint. The IT and security solutions provider will act as a value-added reseller (VAR) for Phosphorus in the US market. The new partnership will see the two companies jointly delivering a new generation of…
Regula 4306 empowers forensic experts to detect fake and counterfeit documents
Regula announced Regula 4306 is available for order. Having inherited the functionality of its full-size cousins for advanced verification, the device remains a compact multifunctional tool accessible to a wider audience. Over the past 8 months, Regula 4306 passed field…
Cloudflare’s DLS in the Asia Pacific region helps customers comply with their data localization obligations
Cloudflare’s Data Localization Suite (DLS) is available in three new countries in the Asia Pacific region: Australia, India, and Japan. The Data Localization Suite will help businesses based in these countries, as well as global companies who do business in…
Trellix launches Advanced Research Center to improve global threat intelligence
The Advanced Research Center, comprised of hundreds of the security analysts and researchers, produces actionable real-time intelligence and threat indicators to help customers detect, respond and remediate the latest cybersecurity threats. “The threat landscape is scaling in sophistication and potential…
Tod Ewasko joins NetWitness as CPO
NetWitness announced Tod Ewasko as the new Chief Product Officer. “As NetWitness continues to push the boundaries of extended detection and response, and more organizations look to invest in threat detection, it is increasingly important that we grow our capabilities…
BioCatch hires Jonathan W. Daly as CMO
BioCatch announced that Jonathan W. Daly has joined the company as Chief Marketing Officer. With more than 25 years of executive marketing experience in high-growth technology companies, Jonathan W. Daly will be responsible for leading the development and communication of…
Wolfi: A Linux undistro with security measures for the software supply chain
Wolfi is a new community Linux undistribution that combines the best aspects of existing container base images with default security measures that will include software signatures powered by Sigstore, provenance, and software bills of material (SBOM). Software supply chain security…
Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)
Trellix Advanced Research Center published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in closed-source projects. Successful exploit The vulnerability exists in the Python tarfile module which is a default module…
What you need to know about Evil-Colon attacks
While novel attacks seem to emerge faster than TikTok trends, some warrant action before they’ve even had a chance to surface. This is the case for an attack we’ll refer to as Evil-Colon, which operates similarly to the now defunct…
What could be the cause of growing API security incidents?
Noname Security announced the findings from its API security report, “The API Security Disconnect – API Security Trends in 2022”, which revealed a rapidly growing number of API security incidents, concerning lack of API visibility, and a level of misplaced…
Email-based threats: A pain point for organizations
In this Help Net Security video, Igal Lytzki, Incident Response Analyst at Perception Point, discusses a recent Remcos RAT malware campaign and more broadly, the threat that email-based threats and phishing pose to organizations. To extract credentials and other sensitive…
Cloudflare integrates CASB and DLP services into its zero trust platform
Cloudflare has unveiled that both its Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP) services are now available as part of Cloudflare’s zero trust platform. Cloudflare CASB provides businesses visibility and control across their corporate SaaS applications to…
Commvault Metallic ThreatWise proactively detects unknown and zero-day threats
Commvault releases Metallic ThreatWise, an early warning system that proactively surfaces unknown and zero-day threats to minimize compromised data and business impact. According to Enterprise Strategy Group, only 12% of the IT directors surveyed indicated confidence in having the proper…
SMBs vs. large enterprises: Not all compromises are created equal
Attackers view smaller organizations as having fewer security protocols in place, therefore requiring less effort to compromise. Lumu has found that compromise is significantly different for small businesses than for medium-sized and large enterprises. “There is no silver bullet for…
The best ways to safeguard crypto assets
The mainstream emergence of cryptocurrency, coupled with its popularity among cybercriminals, has created a potentially dangerous environment for those with significant crypto holdings. In this Help Net Security video, Nick Percoco, Chief Security Officer at Kraken, explains why it’s important…
NuID Ecosystem powered by Kii token enables users to control their digital identity
NuID has launched the Nu Identity (NuID) Ecosystem to provide internet users with the ability to own and control their digital identity by using services built upon NuID’s foundational zero-knowledge authentication solution. The Nu Identity Ecosystem is powered by Kii,…
NetWitness’ new MDR service helps customers address the ongoing cyber skills shortage
NetWitness announced a new Managed Detection and Response (MDR) service to enable companies to leverage NetWitness for expanded cybersecurity in a fully outsourced model. The new NetWitness MDR Service helps customers address the ongoing cyber skills shortage while keeping their…
Onfido Motion protects against display attacks and sophisticated 2D/3D masks
Onfido unveiled Motion, a next generation biometric liveness solution to enhance its Real Identity Platform, launched in May. Motion delivers seamless, secure, and inclusive customer verification and is iBeta Level 2 certified. With a simple head-turn capture, businesses can automate…
Black Box and Juniper Networks partner to deliver digital workplace connectivity
Black Box has formed a Strategic Alliance Partnership with Juniper Networks, to provide Wi-Fi and LAN networks. The partnership allows Black Box to drive innovation in connectivity, giving superior data and networking options. Black Box explains that networks using Beyond…
Lookout extends collaboration with Verizon to bring data-centric cloud security to businesses
Lookout has expanded its partnership with Verizon to deliver the Lookout Cloud Security Platform to Verizon business customers. The Lookout Cloud Security Platform helps safeguard an organizations’ data, identify and mitigate threats and facilitates secure access to the web, private…
CompoSecure appoints Paul Galant to Board of Directors
CompoSecure announced the appointment of Paul Galant to its Board of Directors as an independent director. Mr. Galant is a seasoned executive with extensive experience in financial services, payments, and security technology. He has experience as a public company CEO…
Napier names Greg Watson as CEO
Napier has named its current Chief Operations Officer Greg Watson, as Chief Executive Officer with immediate effect, as former CEO Julian Dixon moves into a full-time role as Founder and Board Member. Greg’s tenure at Napier as well his wealth…
Theresa Payton joins Conceal Board of Advisors
Conceal has announced that Theresa Payton, who made history as the first female White House Chief Information Officer and is a veteran cybercrime fighter, entrepreneur and author, has joined the Conceal Board of Advisors. “The fact that business applications are…
Deep Instinct appoints Lane Bess as CEO
Deep Instinct has unveiled that Lane Bess, former Palo Alto Networks CEO and Zscaler COO, is taking over as CEO, effective immediately. As an early investor and then Executive Chair of Deep Instinct’s Board, Bess has intimate knowledge of the…
Vector Capital invests $100 million in Malwarebytes to improve cyberprotection for organizations
Vector Capital announced it will make a strategic $100 million minority investment in Malwarebytes. As part of the transaction, Vector Capital Managing Directors Sandy Gill and Dave Fishman will join the company’s Board of Directors. Malwarebytes plans to leverage the…
ActionIQ and Snowflake join forces to build composable customer data stacks
ActionIQ has joined forces with Snowflake, to integrate AIQ’s new HybridCompute technology directly with the Snowflake Data Cloud, empowering enterprise IT teams to maximize the value of existing technology investments while maintaining seamless experiences for business users. HybridCompute is a…
Is $15.6 billion enough to protect critical infrastructure?
Several bills totaling $15.6 billion are making their way through the House for the 2023 fiscal year. While $11.2 billion will go to the Department of Defense, $2.9 billion will be allocated to the Cyber Security and Infrastructure Security Agency…
3 free Linux security training courses you can take right now
Linux Server Management and Security University of Colorado / Instructor: Greg Williams, Lecturer This course dives into how Linux works from an enterprise perspective: In week 1 we will look at what Linux is used for in the enterprise. By…
US to award $1B to state, local, and territorial governments to improve cyber resilience
The US government will award $1 billion in grants to help state, local, and territorial (SLT) governments address cybersecurity risks, strengthen the cybersecurity of their critical infrastructure, and ensure cyber resilience against persistent cyber threats. “Applicants have 60 days to…
The explosion of data is beyond human ability to manage
Dynatrace announced the results of an independent global survey of 1,303 CIOs and senior cloud and IT operations managers in large organizations, showing that as the move toward cloud-native architectures accelerates, the data generated by such environments outstrips current solutions’…
Agent-based vs. agentless security: Pros and cons
In this Help Net Security video, Mark Nunnikhoven, Distinguished Cloud Strategist at Lacework, discusses agent-based vs. agentless approaches in security. Ransomware is proliferating and Log4j showed us that zero-day threats are lurking around every corner. These threats cost more than…
Fivetran Metadata API helps enterprises address compliance requirements
Fivetran has presented the availability Fivetran’s Metadata API to enable the tracking of data “in-flight” from source to destination as it moves through Fivetran-managed pipelines. With this additional visibility, customers can integrate with governance and observability tools to give data…
DartPoints’ enhanced MDR detects threats across endpoints, network and SaaS applications
DartPoints launches its updated managed detection and response (MDR) product, which combines MDR, endpoint detection and response (EDR), security orchestration, automation and response (SOAR), and extended detection and response (XDR) into one complete solution with support and monitoring by DartPoints…
ThreatQ TDR Orchestrator addresses industry needs for simpler implementation
ThreatQuotient has released a new version of ThreatQ TDR Orchestrator, the solution for a simplified, data-driven approach to security operations. Built on the ThreatQ Platform, the continued innovation of ThreatQ TDR Orchestrator includes enhanced automation, analysis and reporting capabilities that…
4 key takeaways from “XDR is the Perfect Solution for SMEs” webinar
Cyberattacks on large organizations dominate news headlines. So, you may be surprised to learn that small and medium enterprises (SMEs) are actually more frequent targets of cyberattacks. Many SMEs understand this risk firsthand. In a recent survey, 58% of CISOs…
20/20 visibility is paramount to network security
Infoblox announced the results of a Forrester Consulting study, which found IT leaders around the world share a ubiquitous appetite for greater network visibility. The findings underscore a convergence in security with networking, which IT decisionmakers now view as the…
EndaceProbe 2100 series allows SoC teams to defend the branch and edge locations
Citing the importance of increased visibility before, during, and after a cybersecurity incident, Endace announced a new series of next-generation EndaceProbe Platforms for continuous, high-speed packet capture at network edge and branch locations. As recent cyberthreats have shown, attacks can…
ActiveState Artifact Repository reduces the risk of securing Python supply chain
ActiveState releases ActiveState Artifact Repository to enable organizations to securely build Python dependencies directly from source code. Rather than developers importing prebuilt Python dependencies from a public repository like the Python Package Index (PyPI), or from some internal build process…
Sardine raises $51.5 million to accelerate development of its fraud and compliance platform
Sardine has raised $51.5M in Series B financing to accelerate product development as well as marketing and sales across the globe. Andreessen Horowitz’s Growth Fund led the round with participation from new and existing investors, including XYZ, Nyca Partners, Sound…
ISG and cyberconIQ collaborate to reduce people-related cyber risks
Information Services Group (ISG) has formed a partnership with cyberconIQ, a cybersecurity platform and advisory company, to address the human side of cybersecurity. Under the new partnership, Information Services Group will be able to offer its clients the capabilities of…
GuidePoint Security partners with Deepwatch to help government agencies protect against cyber threats
GuidePoint Security announced that Deepwatch has joined the Emerging Cyber Vendor Program. This GuidePoint Security Program is specifically designed to help emerging cybersecurity vendors expand their federal footprint. As part of this program, the Deepwatch MDR solution is now available…
Belden and Cylus join forces to provide cybersecurity platform for rail operators
Belden has joined forces with Cylus, and will enable customers that use Belden’s Firewall to supplement it with an optimized version of CylusOne software available for license from Cylus. The combination of Belden and Cylus solutions that customers will be…
Intellicheck appoints Dondi Black and Greg Braca to its Board of Directors
Intellicheck has appointed Dondi Black and Greg Braca to the company’s board of directors. Black is Senior Vice President, Chief Product Officer at TSYS. Braca is the former CEO and president of TD Bank. “We are very excited to add…
Splunk names Tom Casey as SVP and GM, Platform
Splunk has named Tom Casey as Senior Vice President and General Manager, Platform, effective September 20, 2022. Reporting to Gary Steele, President and Chief Executive Officer of Splunk, Casey will lead the company’s platform strategy, including development and operations of…
Rick Jackson joins Veeam Software as CMO
Rick Jackson is an experienced marketing leader who most recently held chief marketing roles at Qlik, Rackspace and VMware. He will lead Veeam’s global marketing organization as it continues to drive brand preference and ongoing growth as the market leader…
Revolut data breach: 50,000+ users affected
Revolut, the fintech company behing the popular banking app of the same name, has suffered a data breach, which has been followed by phishing attacks aimed at taking advantage of the situation. About the Revolut data breach Revolut customers began…
Uber says Lapsus$ gang is behind the recent breach
Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. “It is likely that the attacker purchased the contractor’s Uber corporate password on the dark web, after the contractor’s personal device…
How to activate Lockdown Mode on macOS Ventura
Apple announced additional security and privacy updates for its newest operating system. In this Help Net Security video, you’ll learn how to activate Lockdown Mode on your Mac in macOS Ventura. The post How to activate Lockdown Mode on macOS…
The rise of attacks on critical infrastructure
A recent research found an increase in attacks across all the most targeted industries and organizations, including education, healthcare and finance. Attacks on critical infrastructure in particular have quadrupled. It is clear that the goal of theses cyberattacks is less…
Take cybersecurity out to where employees and data are coming together
Every morning, we wake up and chances are, we start immediately accessing and consuming information. Whether it’s accessing personal emails, downloading sales reports, or paying bills, we’re switching devices constantly, and are used to managing both our personal and work…
How can organizations benefit from full-stack observability?
New Relic published the 2022 Observability Forecast report, which captures insights into the current state of observability, its growth potential, and the benefits of achieving full-stack observability. As IT and application environments increasingly move toward complex, cloud-based microservices, the research…
Open-source software usage slowing down for fear of vulnerabilities, exposures, or risks
Anaconda released its annual 2022 State of Data Science report, revealing the widespread trends, opportunities, and perceived blockers facing the data science, machine learning (ML), and artificial intelligence (AI) industries. The global study targeted the open-source community through three cohorts…
The 25 most popular programming languages and trends
CircleCI released the 2022 State of Software Delivery report, which examines two years of data from more than a quarter billion workflows and nearly 50,000 organizations around the world, and provides insight for engineering teams to understand how they can…
42 Crunch API Scan helps enterprises to solve security challenges during the development workflows
42Crunch has released API Scan service inside the IDEs for developers. With over 500,000 developers already using 42Crunch, this latest addition to the platform means enterprises can further strengthen their shifting of API security as far left as possible into…
iBASIS collaborates with jtendo to protect customers’ signaling networks
iBASIS has integrated the multi-protocol signaling firewall of jtendo to its Managed Cloud-Based Security Portfolio, iBASIS Security iQ360. The increase in the number of network protocols (also covering 5G), technologies, and roaming traffic creates a greater complexity requiring advanced features…
Shockoe and Veriff partner to help users prevent fraud and comply with regulations
Shockoe and Veriff collaborate to pave the way for secure mobile solutions by allowing businesses to create mobile apps accessible to real users, preventing fraud and providing privacy. Shockoe creates solutions that are measurable, impactful, and intuitive. Shockoe works across…
Absolute and Trellix join forces to strengthen endpoint security posture for organizations
Absolute Software has partnered with Trellix to extend its patented Absolute Persistence technology to Trellix Endpoint Security (ENS). With this latest addition to the company’s Application Resilience ecosystem, joint customers can leverage the power of Absolute’s firmware-embedded connection to ensure…
CyberArk appoints Peretz Regev as CPO
Peretz Regev brings more than 20 years of senior leadership and product engineering experience to CyberArk. Previously, Regev was vice president of Global Data Science and Engineering at PayPal. Regev also served as the general manager of PayPal Israel. In…
How safe is the cloud infrastructure of educational institutions?
83% of educational organizations confirmed they store sensitive data in the cloud. With educators and students constantly sharing that information, they are more concerned about insider threats than other industries. 48% of respondents in this sector consider cybersecurity risks associated…
GTA 6 in-development footage leaked, hack still unconfirmed
American video game publisher Rockstar Games has suffered an unfortunate data leak: someone has released online in-development footage/videos for Grand Theft Auto (GTA) 6, the eagerly anticipated instalment of the popular game. “Its possible i could leak more data soon,…
High severity vulnerabilities found in Harbor open-source artifact registry
Oxeye security researchers have uncovered several new high severity variants of the IDOR (Insecure Director Object Reference) vulnerabilities (CVE-2022-31671, CVE-2022-31666, CVE-2022-31670, CVE-2022-31669, CVE-2022-31667) in CNCF-graduated project Harbor, the popular open-source artifact registry by VMware. Harbor is an open-source cloud native…