In the News
Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
11/12/2022
Pax Mafioso: The geopolitical side to the Medibank ransom attack
The ransom attack on Medibank involving the personal information of nearly 10 million Australians.
11/11/2022
Twitter C-Level Resignations Continue As Blue Program Creates New Cyber-Risks
Several of Twitter's C-level security and privacy executives have resigned following the chaos that ensued from the Elon Musk acquisition of the social media platform.
11/10/2022
FTC tracking developments at Twitter with ‘deep concern’ after CISO resigns
The Federal Trade Commission (FTC) said it is monitoring the recent fracas around Twitter just hours after the company’s chief information security officer announced their resignation.
11/09/2022
House, Senate changes could slow legislative momentum for cybersecurity
Welcome to The Cybersecurity 202! The video gamer in me finds all the partially empty.
11/08/2022
White House Summit on Ransomware Attacks Brings Global Leaders Together To Discuss Information Sharing, Defense Frameworks
The second International Counter Ransomware Initiative Summit took place last week.
11/07/2022
SBOMs in the SaaS era: 5 reasons why you should consider a SaaSBOM
Here's why your organization should consider a SaaSBOM — and some of the challenges facing their success.
11/03/2022
130 Dropbox GitHub repositories compromised in successful phishing attack
Cloud storage provider Dropbox Inc. has disclosed the details of a recent phishing attack.
11/02/2022
OpenSSL Vulnerability Not as Severe as Believed, but Patching Is Still a Must
The CVE-2022-3602 flaw in OpenSSL is far from being as severe as the Heartbleed bug, the only other critical vulnerability in OpenSSL since 2014.
11/01/2022
8 CI/CD best practices: Secure your software development pipeline
Don’t neutralize CI/CD business gains by failing to account for risk. Here are best practices to ensure your software development pipeline is secure.
10/27/2022
Two cybersecurity champions to exit Congress
In January, Congress will lose two cybersecurity champions, with both Rep. Jim Langevin and Sen. Rob Portman retiring after the midterm elections.
10/21/2022
Simple Guide to Vulnerability Scanning Best Practices
A vulnerability scanner is software designed to assess infrastructures, networks, and applications.