Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
11/28/2023
Ukraine claims Russia's planes in peril as sanctions bite
Aeroflot fleet still has a smoking section, but not for tobacco
11/27/2023
General Electric, DARPA Hack Claims Raise National Security Concerns
Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies.
11/27/2023
Alleged GE hack raises concerns about US national security
General Electric Co. has allegedly been hacked, and the hacker is offering stolen data, including Defense Advanced Research Projects Agency documents for sale on a hacking forum, raising national security concerns.
11/08/2023
CISOs Beware: SEC's SolarWinds Action Shows They're Scapegoating Us
In a rapidly evolving cybersecurity landscape, CISOs must take proactive measures to safeguard their careers and mitigate risks associated with their roles.
11/07/2023
How Security Observability Can Impact AppSec Teams
Better context means better security. Unfortunately, most application security teams have very limited insight into how their software and security work.
10/11/2023
Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear
Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.
10/11/2023
Cybersecurity and Open Source Experts Up In Arms About the CRA
Provisions in the European Union’s proposed Cyber Resilience Act drew more fire from dozens of high-profile cybersecurity and technology advocates.
10/02/2023
Johnson Controls International Suffered a Massive Ransomware Attack Potentially Impacting the DHS
Johnson Controls International (JCI) has suffered a ransomware attack that encrypted devices and affected internal and partners’ operations.
10/01/2023
Below the Waterline: The Evolution of Island Hopping
This year’s Cyber Bank Heists report by Contrast Security was eye opening.
09/28/2023
Possible Government Shutdown Has Cybersecurity Experts Worried
Vulnerabilities may persist or go unaddressed during a shutdown.
09/27/2023
Hunting and gathering: OpZero raises stakes in zero-day exploit market
OpZero, the shady Russian zero-day exploit broker, has struck again. I
09/22/2023
Contrast Security integrates with AWS Security Hub to help organizations mitigate threats
Contrast Security, the code security platform built for developers and trusted by security.