In the News
Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
![Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives](https://www.contrastsecurity.com/hubfs/Silicon%20Angle.png)
![Pax Mafioso: The geopolitical side to the Medibank ransom attack](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202022-11-17%20at%2010.48.55%20AM.png)
11/12/2022
Pax Mafioso: The geopolitical side to the Medibank ransom attack
The ransom attack on Medibank involved the personal information of nearly 10 million Australians.
![Twitter C-Level Resignations Continue As Blue Program Creates New Cyber-Risks](https://www.contrastsecurity.com/hubfs/Archived/Imported_Blog_Media/logo-infoSecurity0717-2.png)
11/11/2022
Twitter C-Level Resignations Continue As Blue Program Creates New Cyber-Risks
Several of Twitter's C-level security and privacy executives have resigned following the chaos that ensued from the Elon Musk acquisition of the social media platform.
![FTC tracking developments at Twitter with ‘deep concern’ after CISO resigns](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202022-11-17%20at%2010.47.30%20AM.png)
11/10/2022
FTC tracking developments at Twitter with ‘deep concern’ after CISO resigns
The Federal Trade Commission (FTC) said it is monitoring the recent fracas around Twitter just hours after the company’s chief information security officer announced their resignation.
![House, Senate changes could slow legislative momentum for cybersecurity](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202022-11-17%20at%2010.46.24%20AM.png)
11/09/2022
House, Senate changes could slow legislative momentum for cybersecurity
Welcome to The Cybersecurity 202! The video gamer in me finds all the partially empty.
![White House Summit on Ransomware Attacks Brings Global Leaders Together To Discuss Information Sharing, Defense Frameworks](https://www.contrastsecurity.com/hubfs/cpo-mag-logo.png)
11/08/2022
White House Summit on Ransomware Attacks Brings Global Leaders Together To Discuss Information Sharing, Defense Frameworks
The second International Counter Ransomware Initiative Summit took place last week.
![SBOMs in the SaaS era: 5 reasons why you should consider a SaaSBOM](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202022-11-17%20at%2010.44.05%20AM.png)
11/07/2022
SBOMs in the SaaS era: 5 reasons why you should consider a SaaSBOM
Here's why your organization should consider a SaaSBOM — and some of the challenges facing their success.
![130 Dropbox GitHub repositories compromised in successful phishing attack](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202022-11-07%20at%203.54.47%20PM.png)
11/03/2022
130 Dropbox GitHub repositories compromised in successful phishing attack
Cloud storage provider Dropbox Inc. has disclosed the details of a recent phishing attack.
![OpenSSL Vulnerability Not as Severe as Believed, but Patching Is Still a Must](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202022-10-21%20at%2012.14.56%20PM.png)
11/02/2022
OpenSSL Vulnerability Not as Severe as Believed, but Patching Is Still a Must
The CVE-2022-3602 flaw in OpenSSL is far from being as severe as the Heartbleed bug, the only other critical vulnerability in OpenSSL since 2014.
![The surprising relationship between Bitcoin and ransomware is investigated in White House summit](https://www.contrastsecurity.com/hubfs/venture-beat-logo.jpg)
![8 CI/CD best practices: Secure your software development pipeline](https://www.contrastsecurity.com/hubfs/security-boulevard-logo.png)
11/01/2022
8 CI/CD best practices: Secure your software development pipeline
Don’t neutralize CI/CD business gains by failing to account for risk. Here are best practices to ensure your software development pipeline is secure.
![Two cybersecurity champions to exit Congress](https://www.contrastsecurity.com/hubfs/wex-logo-new-450.png)
10/27/2022
Two cybersecurity champions to exit Congress
In January, Congress will lose two cybersecurity champions, with both Rep. Jim Langevin and Sen. Rob Portman retiring after the midterm elections.
![Simple Guide to Vulnerability Scanning Best Practices](https://www.contrastsecurity.com/hubfs/Screen%20Shot%202022-10-21%20at%2012.13.05%20PM.png)
10/21/2022
Simple Guide to Vulnerability Scanning Best Practices
A vulnerability scanner is software designed to assess infrastructures, networks, and applications.