Vulnerabilities in Apple products alert
Monday, September 30, 2024 by Richard Harris
CERT-In has recently issued Advisory CIAD-2024-0046, highlighting multiple high-severity vulnerabilities in Apple products. The vulnerabilities affect a wide range of Apple software, including iOS versions prior to 18, iPadOS versions prior to 18, macOS Sonoma versions prior to 14.7, macOS Ventura versions prior to 13.7, and the upcoming macOS Sequoia versions prior to ...
SaaS report from Onymos reveals what tech leaders are worried about
Monday, September 9, 2024 by Brittany Hainzinger
Onymos, developer of solutions transforming Software-as-a-Service (SaaS) for software and application development, today announced the findings of its SaaS Disruption Report: Security & Data. It reveals that over three-quarters (78%) of technology leaders are concerned about security threats in Software-as-a-Service (SaaS) for application and software development.
...
PhishFlagger anti-phishing email solution released
Monday, August 19, 2024 by Austin Harris
PhishFlagger, a human-compatible patented phishing solution, recently announced its new patented anti-phishing email solution. The solution validates emails through a unique identifier protocol, PhishCounter, which adds a sequential number in the subject line that identifies all outgoing and inbound emails. The easily implemented system also allows recipients to identif...
GenAI cybersecurity assistant lands from IBM
Friday, August 16, 2024 by Freeman Lightner
IBM recently announced the introduction of generative AI capabilities to its managed Threat Detection and Response Services utilized by IBM Consulting analysts to advance and streamline security operations for clients. Built on IBM's watsonx data and AI platform, the new IBM Consulting Cybersecurity Assistant is designed to accelerate and improve the identification,...
Generative AI in Application Security report from Checkmarx
Monday, August 12, 2024 by Richard Harris
Checkmarx, the in-cloud-native application security provider, has published its Seven Steps to Safely Use Generative AI in Application Security report, which analyzes key concerns, usage patterns, and buying behaviors relating to the use of AI in enterprise application development. The global study exposed the tension between the need to empower both...
Geo-Fraud Detection mobile app by Appdome
Friday, August 2, 2024 by Freeman Lightner
Appdome announced it has enhanced its Geo-Fraud Detection service to include two new defenses: Geo-Location Fencing and Geo DeSync Attack Detection. Combined with other Geo-Compliance features available on the Appdome platform, mobile app developers and enterprises can eliminate location-based fraud, ensure geo-compliance and deliver location relevant use...
Rise in cyberattacks is alarming folks
Friday, June 28, 2024 by Freeman Lightner
A recent study has uncovered a startling rise in cyberattacks from 2022 to 2023. Throughout 2023, the United States experienced an alarming 3,205 data breaches, marking a dramatic 78% surge from the 1,801 incidents reported in 2022.
The study conducted by data collection experts SOAX utilized data from the Identity Theft Resource Center on the number of data vi...
Social engineering takeover attacks are on the rise
Thursday, April 18, 2024 by Brittany Hainzinger
OpenSSF and the OpenJS Foundation (home to JavaScript projects used by billions of websites worldwide) are alerting open-source project maintainers of social engineering takeover attacks, following new attack attempts they’ve witnessed similar to the XZ Utils incident.
The OpenJS Cross Project Council received suspicious emails, imploring OpenJS to update one o...
ONCD asks software manufacturers to adopt memory safe languages
Tuesday, March 5, 2024 by Richard Harris
The White House Office of the National Cyber Director (ONCD) has released a new report asking software manufacturers to adopt memory-safe programming languages to help reduce vulnerabilities from entering the supply chain.
"For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way. This repo...
Tom Brady NFT sale sparks warning to consumers from experts
Wednesday, February 28, 2024 by Freeman Lightner
An expert has warned those considering purchasing an NFT off the back of the Tom Brady $40.7k sale, as NFT marketplaces saw $38 million stolen by scammers last year.
The findings, pulled together by Smart Betting Guide, analyzed a database recording crypto scams and exploits to identify the most vulnerable platforms and blockchains over the last year - with NFT marke...
IT security predictions for 2024 from HYCU
Tuesday, February 13, 2024 by Richard Harris
Subbiah Sundaram shares his 2024 IT predictions, plus why organizations need to make sure they have a way to protect and recover SaaS application data, the impacts LLMs and AI will have on IT security, the rise of ransomware attacks, the frequency of attacks predicted to be at every two seconds by 2030, and that the focus of organizations will shift ...
Open source AI trends for 2024 according to Eclipse Foundation
Thursday, December 21, 2023 by Richard Harris
Each year I usually like to make a few predictions about where the software industry, open source, and Eclipse Foundation projects are headed. This year is going to be a little broader, as some large trends are going to impact us in ways that should be discussed and understood.
Government regulation will impact the software industry
The first trend is that for the...
Cybersecurity AI trends in 2024 according to Edgio
Thursday, December 21, 2023 by Richard Harris
Looking ahead to 2024 and beyond, it is clear that the cybersecurity skills gap will only continue to widen. However, by leveraging AI tools and investing in the development of skilled cybersecurity professionals who can work effectively with these tools, organizations can better protect their networks and data from cyber threats and ensure they remain resilient in an i...
Software delivery lifecycle security predictions from OpsMx
Wednesday, December 20, 2023 by Richard Harris
Heading into 2024, enterprises face mounting security concerns related to data breaches, evolving privacy regulations, and their increasing reliance on the cloud and software service providers. As such, they are under increasing pressure to secure the software delivery lifecycle and better understand where the threats are coming from and what their vulnerabilities are. ...
AI cybersecurity impacts according to NetLib Security
Monday, December 18, 2023 by Richard Harris
This is an easy call to make: NetLib Security predicts that Artificial Intelligence - Generative AI - will continue to heavily impact the world of cybersecurity, upping the game for defensive players, while giving cybercriminals more tools on the offensive side.
2023 was a year in which AI seemed suddenly to be everywhere. Although AI is not a new field, ChatGPT and ...
API security risks report exposes Netflix and Wordpress
Monday, November 27, 2023 by Richard Harris
Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP.
The new report i...
API management capabilities from Traefik Labs
Monday, November 13, 2023 by Richard Harris
Traefik Labs, the creator of Traefik Proxy, the ingress controller with more than 3 billion downloads, announced that they added new capabilities to Traefik Hub, the Kubernetes native and GitOps-driven Application Programming Interface (API) management solution. This latest update modernizes API runtime operations for platform teams that frequently encounter change...
Automated incident management solution updates from PagerDuty
Thursday, November 9, 2023 by Freeman Lightner
PagerDuty, Inc. recently announced it has signed a definitive agreement to acquire Jeli, Inc. to transform operations with an enterprise-grade, all-in-one incident management solution. Adding Jeli’s capabilities to the PagerDuty Operations Cloud will further strengthen its value as a system of action, going beyond response to drive long-la...
App security threat report results from Digital Ai
Thursday, October 19, 2023 by Richard Harris
Digital.ai announced the results of its 1st annual Application Security Threat Report, illuminating and quantifying the risks to applications in the wild. The results reveal that 57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) the most likely to be attacked. The study found no correlation between an app’s popularity and likelihood o...
PCI DSS JavaScript compliance tool free from Jscrambler
Thursday, June 29, 2023 by Brittany Hainzinger
Jscrambler announced the launch and immediate availability of its free PCI DSS JavaScript Compliance Tool to ensure granular and flexible capacity to meet the stringent new requirements introduced by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0). This free assessment tool provides organizations of all sizes with clarity and si...
Oxeye discovers vulnerability in HashiCorp Vault Project
Tuesday, April 25, 2023 by Freeman Lightner
Oxeye announced the discovery of a new vulnerability in the HashiCorp Vault Project that has now been patched. HashiCorp Vault is a popular identity-based secret and encryption management system used to control access to API encryption keys, passwords, and certificates. The vulnerability was automatically discovered and reported by the Oxeye Platform during a deployment...
How people respond to ransomware attacks
Monday, April 10, 2023 by David Carvalho
Ransomware attackers extorted $456.8 million from victims in 2022, 40% down from the $765.6 million in the previous year. However, before we clink glasses to celebrate victory, there are some significant caveats to consider. The recent hack of Euler Finance where $135 million in staked Ether tokens (stETH), was drained from the protocol, is a case in point. How organiza...
SBOM mandate to improve cybersecurity in the US
Friday, March 17, 2023 by Freeman Lightner
The number of cyberattacks waged against government sectors worldwide increased by 95% in the second half of 2022 compared to the same time period in 2021. (1) The global cost of cyberattacks is expected to grow exponentially from $8.44 trillion in 2022 to $23.84 trillion by 2027. (2) To support the nation’s critical infrastructure and Federal Government networks,...
Identity will hold the keys to the kingdom for cybercriminals
Wednesday, February 8, 2023 by Brittany Hainzinger
In 2023, identity will continue to hold the keys to the kingdom for cybercriminals. This is a continuation from 2022, with the Verizon Data Breach Investigations Report (DBIR) attributing 80% of basic web application attacks to the use of stolen credentials like passwords. Security incidents usually involve a variety of techniques, from social engineering to supply chai...
Data privacy training kit from CybeReady
Monday, February 6, 2023 by Freeman Lightner
CybeReady published the company’s Data Privacy CISO Toolkit as Data Privacy Week is set to arrive in January. Access to the Data Privacy CISO Toolkit is free of charge and offered to support data privacy training this month.
Data Privacy Week was inaugurated by the National Cybersecurity Alliance (NCA) because of the importance of privacy data. The occasion beg...
The beginning of a new age of innovation and creation
Monday, January 23, 2023 by Freeman Lightner
2023 will be the beginning of a new age of innovation and the creation of new products and services as never been seen since the founding of the Internet.
The end of the mobile app distribution monopoly, the convergence of different platforms, and the recovery of power by users and developers will unleash a perfect storm that will mark the next decade.
An earthqua...
Developers and brands must make mobile apps far more secure
Tuesday, January 17, 2023 by Austin Harris
The bad guys are still breaking digital windows and kicking down digital doors, so to speak, and will continue well into 2023 and beyond!
Consumers through experience or gut instinct will demand that their mobile app providers deliver key security features including trying to stop the increasingly prevalent "man-in-the-middle" attacks. The latest techn...
Recession fears may cause us to lower our defenses
Friday, January 13, 2023 by Richard Harris
Adam Sandman, CEO and Founder of Inflectra discusses the trends in software quality engineering and cybersecurity for 2023. Mr. Sandman explains why quality engineering, DevOps, and security will no longer be seen as separate disciplines but as part of a larger whole. Finally, he will cover how risk management is critical in addressing this new integrated set of challen...
Ransomware prevention platform ProLion sees large increase in revenue
Monday, October 24, 2022 by Freeman Lightner
ProLion has recorded an 80 percent increase in revenue for FY2022, driven by the addition of over 250 new customers worldwide. The uplift has been driven by demand for its ransomware protection solution CryptoSpike, which has soared as a result of the rise in ransomware and ransomware-as-a-service attacks.
The company also reported a renewal rate of 89...
Decentralized wallets suggested after Solana hack
Wednesday, August 17, 2022 by Freeman Lightner
The recent hack on the Solana cryptocurrency wallet has led to a drain of millions of dollars, which raised concerns about the security of the crypto ecosystem. Against this backdrop, the volume of discussions around 'Solana' among Twitter influencers surged in the first week of August as most of them commended the use of decentralized or open source w...
Hacking phones worry us the most
Thursday, July 14, 2022 by Freeman Lightner
Search results for 'smart appliances' have increased by 300% as people are becoming reliant on devices that promise to make their life easier.
Alarmingly, a recent report by Which revealed that a home with smart gadgets could be vulnerable to 12,000 hacking attacks in a single week.
Intrigued by this, BespokeSoftwareSolutions utilized the online analy...
ImmuniWeb Neuron web security scanning
Friday, June 10, 2022 by Richard Harris
ImmuniWeb has announced the launch of ImmuniWeb Neuron, a web application and API web security scanning solution that is based on the award-winning ImmuniWeb AI Platform available.
ImmuniWeb Neuron is designed to rapidly scan tens, hundreds, or even thousands of web applications and APIs for vulnerabilities, weaknesses, and misconfigurations. It c...
Security compliance predictions for 2022
Tuesday, January 18, 2022 by Freeman Lightner
Edward Tuorinsky is the Managing Principal of DTS, a Service-Disabled Veteran-Owned Small Business, that provides information technology and management consulting services in the areas of program management, governance, strategic planning, organization advancement, business process efficiency, software development, system integration, and learning enhancement solutions....
Increase developer productivity in 2022
Sunday, January 9, 2022 by Freeman Lightner
Patrick Jean is the CTO at OutSystems, where he's focused on building a great engineering culture where motivated people are free to unleash their passion doing meaningful work. With more than 20 years of engineering leadership experience, he has led multiple high-stakes, cloud transformation initiatives at SaaS providers, blending customer focus, inspired developme...
Mitigating API attacks in 2022
Wednesday, January 5, 2022 by Richard Harris
Nathanael Coffing, co-founder and CSO of Cloudentity, is also a board member. Nathanael has over 20 years of management and architecture experience across identity, security, microservices, and IT domains. Prior to founding Cloudentity, he founded OrchIS.io and helped build numerous technology startups leveraging his experience at Sun, Oracle, Imperva, Washington Mutual...
.jpg)
