Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
03/24/2023
TikTok CEO testifies before US Congress. SEC's new cyber rules. CISA's steps against ransomware
CISA's steps against ransomware.
03/23/2023
Russian group exploits Windows print spooler bug via ‘GooseEgg’ malware
Microsoft says a previously undocumented malware it calls "GooseEgg" is being used by Russian threat group APT28 to exploit a known Windows Print Spooler bug, leading to network compromise and credential theft.
03/20/2023
Seven high-impact automation targets for financial institutions
t’s 2023, and technologies like machine learning, robotic process automation.
03/16/2023
Security Experts Weigh In On UK's Ban Of TikTok On Government Devices
On Thursday, the UK government announced that beginning immediately TikTok would be banned on government devices.
03/15/2023
Addressing Software Supply Chain Security
It’s essential for organizations to learn more about the software supply chains they rely on and the steps needed to secure them.
03/15/2023
CISA Alert: 4-Year-Old Software Bug Exploited at US Agency
Hackers from multiple threat groups, including an unnamed advanced persistent threat group.
03/15/2023
Analysis: SEC Cybersecurity Proposals and Biden’s National Cybersecurity Strategy
President Biden’s National Cybersecurity Strategy was announced on March 1, 2023.
03/13/2023
TSA Lays Out New Cybersecurity Requirements for Aviation Sector
Similar to a recent move made by the EPA to bolster cybersecurity requirements for the state water utilities it has authority over.
03/12/2023
Russia Pursues Technological Autonomy in the Shadow of Crippling Sanctions
Since the invasion of Ukraine on February 2022, Russia has faced an array of sanctions from the international community.
03/03/2023
US Cybersecurity Strategy Doubles Down on Hitting Ransomware
Policy Shift Unlocks Resources to Battle Ransomware as National Security Threat
03/03/2023
Industry Experts Analyze US National Cybersecurity Strategy
Feedback Friday: Industry professionals commented on various aspects of the new national cybersecurity strategy, its impact, and implications.