In the News
Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
![Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives](https://www.contrastsecurity.com/hubfs/Silicon%20Angle.png)
![MOVEit Vulnerabilities: Clop Ransomware Gang Victims Keep Increasing](https://www.contrastsecurity.com/hubfs/Screenshot%202023-05-23%20at%203.06.12%20PM.png)
06/16/2023
MOVEit Vulnerabilities: Clop Ransomware Gang Victims Keep Increasing
Experts criticized MOVEit MFT developer Ipswitch and found it “alarming” that the company missed an SQL injection flaw.
![Steve Wilson – OWASP Top Ten for LLMs](https://www.contrastsecurity.com/hubfs/Screenshot%202023-06-19%20at%2010.09.24%20AM.png)
06/15/2023
Steve Wilson – OWASP Top Ten for LLMs
How do we do security in the world of AI and LLMs?
![Global cybersecurity agencies detail cyber threat from LockBit ransomware hackers](https://www.contrastsecurity.com/hubfs/Screenshot%202023-05-15%20at%2010.01.36%20AM.png)
06/15/2023
Global cybersecurity agencies detail cyber threat from LockBit ransomware hackers
A joint cybersecurity advisory (CSA) has been released by global cybersecurity agencies.
![XSS Vulnerabilities Found in Microsoft Azure Cloud Services](https://www.contrastsecurity.com/hubfs/Archived/Imported_Blog_Media/Dark-Reading-Black-Hat-2.png)
06/14/2023
XSS Vulnerabilities Found in Microsoft Azure Cloud Services
Microsoft quickly issued patches for the two security issues, which could allow unauthorized access to cloud sessions.
![CISA: LockBit behind 1 in 6 ransomware attacks on US gov't in 2022](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202023-02-07%20at%203.44.56%20PM.png)
06/14/2023
CISA: LockBit behind 1 in 6 ransomware attacks on US gov't in 2022
About one in every six ransomware attacks targeting U.S. government offices in 2022 can be traced back to a single group: LockBit.
![LockBit victims in the US alone paid over $90m in ransoms since 2020](https://www.contrastsecurity.com/hubfs/Screenshot%202023-05-08%20at%2010.37.13%20AM.png)
06/14/2023
LockBit victims in the US alone paid over $90m in ransoms since 2020
As America, UK, Canada, Australia and friends share essential bible to detect and thwart infections.
![Wiz partners with Contrast Security to provide real-time insights into potential security risks](https://www.contrastsecurity.com/hubfs/Screenshot%202023-03-03%20at%204.14.25%20PM.png)
![North Korea’s social engineering threat not going away](https://www.contrastsecurity.com/hubfs/Screenshot%202023-06-19%20at%2010.22.20%20AM.png)
06/09/2023
North Korea’s social engineering threat not going away
North Korean state-sponsored actors continue to use social engineering to target employees of think tanks, academic institutions and the news media.
![Bugs discovered in Honda sales platform. Update on Minecraft mod malware](https://www.contrastsecurity.com/hubfs/the-cyberwire-logo-vector.png)
06/09/2023
Bugs discovered in Honda sales platform. Update on Minecraft mod malware
Bugs discovered in Honda sales platform.
![The Gigabyte firmware backdoor: Lessons learned about supply chain security](https://www.contrastsecurity.com/hubfs/Screenshot%202023-05-08%20at%2010.38.47%20AM.png)
06/08/2023
The Gigabyte firmware backdoor: Lessons learned about supply chain security
Firmware attacks can pose a substantial risk to the software supply chain.
![Potential Backdoor in Gigabyte PCs Exposes Supply Chain Risks](https://www.contrastsecurity.com/hubfs/Archived/Imported_Blog_Media/logo-infoSecurity0717-2.png)
![Apria Healthcare Data Breach Exposed Sensitive Information of Nearly 2 Million Patients](https://www.contrastsecurity.com/hubfs/cpo-mag-logo.png)
06/01/2023
Apria Healthcare Data Breach Exposed Sensitive Information of Nearly 2 Million Patients
The Apria Healthcare data breach has exposed the personal, medical, and financial information of up to 1.8 million individuals.