DevOps threats report released from GitProtect io
Monday, August 12, 2024 by Brittany Hainzinger
Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities,
and, as a result, data loss are the reality that DevSecOps teams have to face...even every
few days.
The State of DevOps threats report - teams affected every few days
GitProtect.io recently presented its studies on the most severe incidents affecting tools like GitHub...
Tom Brady NFT sale sparks warning to consumers from experts
Wednesday, February 28, 2024 by Freeman Lightner
An expert has warned those considering purchasing an NFT off the back of the Tom Brady $40.7k sale, as NFT marketplaces saw $38 million stolen by scammers last year.
The findings, pulled together by Smart Betting Guide, analyzed a database recording crypto scams and exploits to identify the most vulnerable platforms and blockchains over the last year - with NFT marke...
AI cybersecurity impacts according to NetLib Security
Monday, December 18, 2023 by Richard Harris
This is an easy call to make: NetLib Security predicts that Artificial Intelligence - Generative AI - will continue to heavily impact the world of cybersecurity, upping the game for defensive players, while giving cybercriminals more tools on the offensive side.
2023 was a year in which AI seemed suddenly to be everywhere. Although AI is not a new field, ChatGPT and ...
Network-based cybersecurity threat detection SDK launches
Monday, October 16, 2023 by Freeman Lightner
Enea has launched the Enea Qosmos Threat Detection SDK. This revolutionary threat detection system has the potential to double performance in network-based cybersecurity solutions.
The Qosmos Threat Detection SDK enables the integration of Enea's flagship deep packet inspection (DPI) engine, Qosmos ixEngine, with core IDS capabilities drawn from Suricata, the wid...
Is Temu safe, legit, or dangerous: Perspective from an app developer
Wednesday, July 12, 2023 by Richard Harris
Temu is a shopping website, and app chalked full of products from overseas at ridiculously dirt cheap prices. They have almost everything you can imagine too. From laser pointer slingshots to Expresso makers, the entire ecosystem is built around keeping you shopping with a gamified experience, and it gets addicting quickly.
Some of the ADM staff have placed orders an...
Microverse IDE beta opens
Thursday, June 23, 2022 by Richard Harris
Croquet, the open OS and developer platform for the metaverse has announced the open beta of Microverse IDE, its development and deployment environment built for Croquet OS, which empowers web and web3 developers to rapidly deliver interoperable, standards-based metaverse worlds.
Croquet Microverse IDE beta opens, helping solve metaverse challenges
Croquet also an...
StorONE launches backup storage
Friday, November 19, 2021 by Brittany Hainzinger
The latest ransomware variants perform what is known as sleeper attacks, which avoid discovery by slowly infecting data. By the time an organization realizes it is dealing with a ransomware attack, a high percentage of data is encrypted. Modern backup storage needs to not only provide immutability of backup data it must do so, without impacting performance for pote...
Advanced digital fingerprinting capabilities from SEON
Monday, October 25, 2021 by Freeman Lightner
SEON, the fraud fighters, have unveiled modern digital device fingerprinting capabilities designed to identify and counter the latest internet and mobile fraud tactics used by sophisticated fraudsters and bots.
Advanced digital fingerprinting capabilities
Fraudsters increasingly use unusual device setups to speed their efforts. Device fingerprinting can ...
2021 Coding Week recap from industry experts
Monday, September 20, 2021 by Richard Harris
National Coding Week takes place during September 13 - September 19 and it is a great time to engage everyone into coding in a fun and easy way. According to an article from National Today, "92 percent of executives believe American workers are not as skilled as they need to be." National Coding Week is a perfect opportunity for improving your coding skills to...
Justin Dolly becomes Chief Security Officer at Sauce Labs
Wednesday, February 12, 2020 by Brittany Hainzinger
Sauce Labs Inc. announced the appointment of Justin Dolly as chief security officer. A security industry veteran with more than 20 years of experience, Dolly will develop, implement, and enforce the company’s long-term security strategy, ensuring its customers have the highest level of protection to support their digital goals. The hiring of Dolly follows the rece...
StrandHogg Android vulnerability identified
Thursday, December 5, 2019 by Freeman Lightner
Promon, a Norwegian app security company, has identified tangible evidence of a dangerous Android vulnerability that allows malware to pose as any legitimate app, granting hackers access to private SMS’ and photos, steal victims’ log-in credentials, track movements, make and/or record phone conversations, and spy through a phone’s camera and microphone...
Silicon Labs Series 2 mesh networking modules are out now
Thursday, September 26, 2019 by Freeman Lightner
Silicon Labs has launched a new portfolio of highly integrated, secure Wireless Gecko modules that reduce development cost and complexity, making it easier to add robust mesh networking connectivity to a wide range of Internet of Things (IoT) products. The new MGM210x and BGM210x Series 2 modules support leading mesh protocols (Zigbee, Thread, and Bluetoo...
Cloud computing security report 2019 is out from CSA
Thursday, August 8, 2019 by Richard Harris
The Cloud Security Alliance (CSA) defines standards, certifications, and best practices to help ensure a secure cloud computing environment. The CSA has released "Top Threats to Cloud Computing: The Egregious Eleven", a report which re-examines the risks inherent with cloud security and takes a new approach, examining the problems inherent in configu...
A world with no passwords and how FIDO2 can help make it happen
Monday, May 13, 2019 by Richard Harris
93.2 percent of the overall web browser market has embraced FIDO2: Google Chrome, Microsoft Edge, Apple Safari, Mozilla Firefox, and Opera.
The FIDO Alliance is driven by hundreds of global tech leaders across enterprise, payments, telecom, government, and healthcare that have come together in support of the organization’s mission to reduce the world’s re...
Finding website risk levels and reputations gets easier for IT admins
Monday, May 13, 2019 by Richard Harris
NetMotion Software announced NetMotion Reputation, a subscription service that identifies the risk profile and usage categories of hundreds of millions of web domains. Reputation allows IT teams to get visibility into user behavior, including a better understanding of access to risky or inappropriate cloud applications and websites. Customers can also block access if an...
Industrial IoT platform gets updates from Pulse Secure
Monday, December 17, 2018 by Richard Harris
Pulse Secure, a provider of Secure Access solutions to both enterprises and service providers, announced the release of Pulse Policy Secure (PPS) 9.0R3 to extend its Zero Trust Security model to IIoT devices and smart factories. The new version enables factories to streamline machinery repairs and diminish costly production downtime through IT-managed secure access...
Join us for a free mobile app security threats webinar on Tuesday
Friday, December 7, 2018 by Richard Harris
In 2016, a record 3 billion Yahoo accounts were hacked, and Uber reported that hackers stole the information of over 57 million accounts. Then in 2017, 412 million user accounts were taken from Friendfinder’s sites, and 147.9 million consumers were affected by the Equifax Breach. In 2018, Under Armor said that that it's My Fitness Pal app was hacked, affecting...
Zero latency apps gets closer to reality thanks to Redis Labs
Tuesday, November 20, 2018 by Richard Harris
Complex technologies like a self-driving car take in huge amounts of data from its environment, processing it and make appropriate decisions on how to respond within a few milliseconds. This is the kind of zero latency future Redis Labs is enabling, and they announced at Redis Day London, the latest release of Redis Enterprise with two key functionalities: Red...
The differences between web apps and native apps
Thursday, October 18, 2018 by Richard Harris
Even in 2018, years past the origional question, the debate rages on across the land, in office spaces and conference rooms every day - should we build a full-blown native mobile app, or is distributing over the web good enough?
By now everyone knows the “mobile-first” mentality because statistics like 50% of web searches being done from a mobile dev...
Fortnite for Android is a trailblazing risk for mobile banking
Tuesday, August 14, 2018 by Sam Bakken
CEO Tim Sweeny of Epic Games, the publisher of the wildly popular Fortnite game, is on a mission to “advance the openness of all platforms” - not to mention side-step Google’s 30% take of developer proceeds - by distributing Fortnite for the Android platform via their website rather than the Google Play store. I applaud a maverick challenging the statu...
Avoid mobile cybersecurity threats by checking the source
Thursday, July 5, 2018 by Sam Bakken
Earlier this month IT news organizations around the globe reported that Epic Games’ popular Fortnite game was being counterfeited and malicious actors were, in fact, lacing the imposter apps with malware.
We’re only human, and people unwittingly let their guard down in anticipation of something they're passionate about, or when they think they might b...
Forrester recognizes Prevoty for it's RASP
Monday, April 2, 2018 by Richard Harris
Prevoty is cited as the leader of runtime application self-protection (RASP) technologies in The Forrester New Wave: Runtime Application Self-Protection, Q1 2018, released recently. Analysts from the influential research and advisory firm evaluated the eight most significant RASP vendors, interviewed customers, received demonstrations, and measured each solution against...
DNS security and why mobile app developers should care
Monday, February 5, 2018 by Richard Harris
DNSSEC is a DNS security extension specification for securing information provided by DNS. DNS has been a part of the global internet since the 1980s, but its authentication mechanisms are fairly weak. As a result, DNS is vulnerable to a form of attack called cache poisoning. Cache poisoning is a man-in-the-middle attack that implants false DNS information to redirect e...
Cisco releases security connector app for iOS devices
Tuesday, January 2, 2018 by Christian Hargrave
Cisco announced the availability of Cisco Security Connector, a security app designed to give enterprises the deepest visibility and control over network activity on iOS devices, now in the App Store.Apple has designed iOS to be secure from the ground up and to be simple, intuitive, and powerful for users. By using iPhones and iPads with iOS 11 and Cisco Security Connec...
People are worried about internetconnected car security
Monday, December 4, 2017 by Christian Hargrave
Thales announced survey results revealing how respondents feel about the potential risks connected vehicles pose to their safety and the security of their personal information.Connected cars use mobile internet technology for safety systems and remote diagnostics (like “OnStar”), as well as controlling key functions via a smartphone, smartwatch, tablet or computer - ena...
SlashNext launches AI internet threat protection system
Thursday, November 9, 2017 by Christian Hargrave
SlashNext announced the company’s broad market release of the SlashNext Internet Access Protection System to protect organizations from cross platform social engineering and phishing, malware, exploits and callback attacks. The system goes beyond first generation signature-based and second generation sandbox-based technologies and deploys artificial intelligence and cog...
Rethinking DevOps as DevSecOps
Thursday, October 12, 2017 by Akshay Aggarwal
If you’re not already thinking right now that your DevOps teams should be run like a DevSecOps team, you may already be in a world of hurt. Time to wake up! As the adoption of APIs continues to grow, so do the risks to organizations that don’t actively test the security of their solutions. Modern Agile development frameworks have changed the way engineering teams produc...
Node.js just got better enterprise security
Monday, October 9, 2017 by Christian Hargrave
At Node.js Interactive North America, npm, Inc. announced new enterprise-grade security features for users of npm and the npm Registry: two-factor authentication for publishing packages and read-only authentication tokens. With more than 550,000 packages for mobile, IoT, front end, back end and robotics, npm is the first software registry to provide two-factor authentic...
Sending out an S.O.S. for SMS
Wednesday, October 4, 2017 by Will LaSala
What a difference a year makes. Just one year after the National Institute of Standards and Technology issued guidance that found SMS is insecure and no longer suitable as a strong authentication mechanism, it has walked all of that back.At the time the original draft was published, it was highly unusual for any US government agency to get out in front of the security i...
Stop the menace of Android rooting malware attacks with RASP
Monday, September 25, 2017 by Frederik Mennes
One of the key security issues facing organizations that support Android devices is the risk of rooting malware. A number of malware families on the Android mobile OS attempt to obtain root access once installed because the elevated privileges gained come in handy to perform malicious activities.
What you need to know about Tordow v2.0 and Pegasus
The To...
Tips for securing container deployments
Friday, September 1, 2017 by Richard Harris
Container deployments are still susceptible to the regular threats that other types of deployments are - including DDoS and cross-site scripting attacks. In fact, hackers often take advantage of compromised containers to scan sensitive data, download malware, or privilegeunauthorized access to any of your containers, hosts or data centers.Fei Huang is the CEO of NeuVect...
The future of cybersecurity in machine learning
Sunday, July 30, 2017 by Richard Harris
McAfee, a cybersecurity company, has announced several new innovations that expand machine learning and automation capabilities to strengthen human-machine teams. Plus, McAfee announces support of OpenDXL.com, a new, independent collaboration portal that offers forums and free apps, giving OpenDXL users easy access to ideas and resources available for application integr...
HUMANOBOT can discover nonhuman activities trying to commit fraud
Tuesday, July 25, 2017 by Christian Hargrave
SecuredTouch's HUMANOBOT behavioral biometrics tech has recently fine-tuned its platform to better detect non-human activities like bots and emulators trying to commit fraud. HUMANOBOT detects non-human behavior generated by bots, malware, and automated scripts and stops fraud-focused emulators within mobile applications.The system recognizes these behaviors using advan...
Zombie apps in the Google Play Store
Friday, July 14, 2017 by Richard Harris
Anura, fraud protection software from eZanga that identifies bots and human fraud, has announced that more than 1,300 apps in the Google Play store contain code that activates Android phones in "sleep mode" for the purpose of engaging with mobile advertisements unbeknownst to their owners. After detecting click attempts made from a variety of Google Play Store apps...
VASCO launches overlay detection in DIGIPASS
Thursday, June 22, 2017 by Richard Harris
VASCO Data Security International, Inc., a provider of identity, security and business productivity solutions, has announced its ability to help organizations detect and mitigate mobile application overlay attacks through added functionality in the DIGIPASS for Apps Runtime Application Self-Protection (RASP) module.Overlay attacks are increasingly being deployed to stea...