Social engineering takeover attacks are on the rise
Thursday, April 18, 2024 by Brittany Hainzinger
OpenSSF and the OpenJS Foundation (home to JavaScript projects used by billions of websites worldwide) are alerting open-source project maintainers of social engineering takeover attacks, following new attack attempts they’ve witnessed similar to the XZ Utils incident.
The OpenJS Cross Project Council received suspicious emails, imploring OpenJS to update one o...
ONCD asks software manufacturers to adopt memory safe languages
Tuesday, March 5, 2024 by Richard Harris
The White House Office of the National Cyber Director (ONCD) has released a new report asking software manufacturers to adopt memory-safe programming languages to help reduce vulnerabilities from entering the supply chain.
"For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way. This repo...
Tom Brady NFT sale sparks warning to consumers from experts
Wednesday, February 28, 2024 by Freeman Lightner
An expert has warned those considering purchasing an NFT off the back of the Tom Brady $40.7k sale, as NFT marketplaces saw $38 million stolen by scammers last year.
The findings, pulled together by Smart Betting Guide, analyzed a database recording crypto scams and exploits to identify the most vulnerable platforms and blockchains over the last year - with NFT marke...
Top data predictions for 2024 from Alluxio
Thursday, February 8, 2024 by Richard Harris
Alluxio’s Founder and CEO Haoyuan (H.Y.) Li forecasts major developments in Artificial Intelligence (AI), cloud, data and analytics, devops and storage in 2024. Data strategies will continue to require solutions that enable enterprises to manage complex data across diverse sources, optimize performance, scale in hybrid/multi-cloud environments, and operate efficie...
Secure software development insights from The Linux Foundation
Monday, February 5, 2024 by Richard Harris
The Linux Foundation published a new report, Maintainer Perspectives on Open Source Software Security, based on a survey of OSS maintainers and core contributors, to understand perspectives on OSS security and the uptake and adoption of security best practices by maintainers, core contributors, end users, and other members of the OSS ecosystem.
Maintainer Perspective...
Red Hat Developer Hub is available now
Wednesday, January 24, 2024 by Richard Harris
Red Hat, Inc., the provider of open-source solutions, announced the general availability of Red Hat Developer Hub, an enterprise-grade internal developer platform (IDP) based on Backstage, an open-source Cloud Native Computing Foundation (CNCF) project. Featuring a self-service portal, standardized software templates, dynamic plug-in management, enterprise role-ba...
Software delivery lifecycle security predictions from OpsMx
Wednesday, December 20, 2023 by Richard Harris
Heading into 2024, enterprises face mounting security concerns related to data breaches, evolving privacy regulations, and their increasing reliance on the cloud and software service providers. As such, they are under increasing pressure to secure the software delivery lifecycle and better understand where the threats are coming from and what their vulnerabilities are. ...
AI cybersecurity impacts according to NetLib Security
Monday, December 18, 2023 by Richard Harris
This is an easy call to make: NetLib Security predicts that Artificial Intelligence - Generative AI - will continue to heavily impact the world of cybersecurity, upping the game for defensive players, while giving cybercriminals more tools on the offensive side.
2023 was a year in which AI seemed suddenly to be everywhere. Although AI is not a new field, ChatGPT and ...
ASPM 2024 report from Cycode
Friday, December 15, 2023 by Richard Harris
Cycode announced the release of its inaugural State of ASPM 2024 report. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. Surprisingly, 77% of CISOs believe software supply ch...
Full stack monitoring platform New Relic appoints new CEO
Tuesday, December 12, 2023 by Freeman Lightner
New Relic, the all-in-one observability platform for every engineer, announced that Ashan Willy has been appointed as their new Chief Executive Officer.
"I have long admired New Relic as a true pioneer in the observability market, and am honored to have the opportunity to lead the company as it embarks on the next phase of its journey. The opportunity ahead of u...
Aragon OSx app launches on Arbitrum
Tuesday, December 12, 2023 by Richard Harris
Aragon has deployed its modular Aragon OSx DAO framework and no-code Aragon App on Arbitrum, opening the door for DAOs to interact with a thriving ecosystem of protocols, applications, and assets. Arbitrum’s rollup technology serves as a gateway to the largest Layer 1 ecosystem - Ethereum - and Aragon’s user-friendly tech stack unlocks the mass adoption of D...
API security risks report exposes Netflix and Wordpress
Monday, November 27, 2023 by Richard Harris
Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP.
The new report i...
Red Hat AI revealed at KubeCon 2023
Friday, November 10, 2023 by Richard Harris
At KubeCon 2023 Red Hat made a number of announcements for its hybrid cloud portfolio, including the general availability of Red Hat Device Edge and Red Hat OpenShift 4.14; new certified plug-ins for the Backstage community; and Red Hat’s vision for AI and automation.
Red Hat Device Edge is now generally available
Red Hat Device Edge aggregates an enterprise...
Kubernetes data collection feature released from Sumo Logic
Friday, November 10, 2023 by Freeman Lightner
Sumo Logic, the SaaS log analytics platform, announced the availability of its HELM Chart V4 feature to fully unify data collection as part of its continued commitment to OpenTelemetry (OTel). Organizations can now package, configure, and deploy applications and services on Kubernetes clusters with OpenTelemetry as a default to simplify the collection of metrics, events...
You can now use Google Clouds BigQuery with Velotix
Monday, October 30, 2023 by Richard Harris
Velotix announced an integration with Google Cloud’s BigQuery, a serverless enterprise data warehouse, to provide AI-driven data protection and access management for sensitive data stored in Google Cloud. The Velotix data security platform governs and controls compliant access to data throughout the data access lifecycle to provide maximum data utilization wi...
Kubernetes optimizations land from PerfectScale
Wednesday, October 25, 2023 by Richard Harris
PerfectScale announced that they have successfully closed $7.1 million in seed funding, led by Blumberg Capital with participation from Upwest, Prelude Ventures, K2 Access Fund, Inner Loop Capital, Triangle Tweener Fund, and Firestreak Ventures. The latest investment brings the company’s total funding to nearly $10 million, since its founding in March, 2022.
Wi...
App security threat report results from Digital Ai
Thursday, October 19, 2023 by Richard Harris
Digital.ai announced the results of its 1st annual Application Security Threat Report, illuminating and quantifying the risks to applications in the wild. The results reveal that 57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) the most likely to be attacked. The study found no correlation between an app’s popularity and likelihood o...
Will AI take your programming job
Wednesday, October 4, 2023 by Freeman Lightner
Some of you might be wondering, is your coding job under threat from AI? It's a question that a lot of programmers are talking about so we conducted an in-depth analysis on its effects on programming jobs to get a concrete answer. Our results revealed how artificial intelligence is influencing programming jobs, whether it replacing programmers or changing ...
Detect hard coded secrets with new capabilities from Cycode
Thursday, August 10, 2023 by Freeman Lightner
Cycode announced the expansion of its hard-coded secrets detection in cloud-based workplaces, as well as a collaboration with Azure DevOps pipelines to ensure end-to-end supply chain integrity and a new IDE plug-in for seamless integration with VS Code.
Building upon its existing code-to-cloud coverage, Cycode now extends its secrets scanning capabilities to encompas...
AI dApp builder and blockchain land from Seneca
Wednesday, July 19, 2023 by Richard Harris
Seneca announces a series of product launches: full-scale application development within a decentralized environment. The platform unveiling and token presale signify a paradigm shift in data ownership and user autonomy.
As AI technology continues to evolve, the demand for personal data has grown exponentially. However, the adoption of these technologies faces challe...
Is Temu safe, legit, or dangerous: Perspective from an app developer
Wednesday, July 12, 2023 by Richard Harris
Temu is a shopping website, and app chalked full of products from overseas at ridiculously dirt cheap prices. They have almost everything you can imagine too. From laser pointer slingshots to Expresso makers, the entire ecosystem is built around keeping you shopping with a gamified experience, and it gets addicting quickly.
Some of the ADM staff have placed orders an...
Warning to app developers from dating app founder
Thursday, May 25, 2023 by Freeman Lightner
Leading consensual non-monogamy (CNM) app 3Fun, is the victim of an attempted trademark infringement extortion plot that has included the temporary removal of the app from the iOS App Store. This unexpected disruption has greatly impacted 3Fun's business, as it loses new and current iOS users and risks losing its high ranking in the App Store.
The extortion plot ...
Financial and operational planning have a love hate relationship
Thursday, May 11, 2023 by Stephen Dombroski
For many business organizations, internal departments working independently of one another is the norm. This norm creates siloed day-to-day functions and rigid disconnects in processes. This is especially true when it comes to sales and operations planning (S&OP). Low-maturity organizations allow budgets to dictate operational planning, and medium-maturity organizat...
SBOM mandate to improve cybersecurity in the US
Friday, March 17, 2023 by Freeman Lightner
The number of cyberattacks waged against government sectors worldwide increased by 95% in the second half of 2022 compared to the same time period in 2021. (1) The global cost of cyberattacks is expected to grow exponentially from $8.44 trillion in 2022 to $23.84 trillion by 2027. (2) To support the nation’s critical infrastructure and Federal Government networks,...
Recession fears may cause us to lower our defenses
Friday, January 13, 2023 by Richard Harris
Adam Sandman, CEO and Founder of Inflectra discusses the trends in software quality engineering and cybersecurity for 2023. Mr. Sandman explains why quality engineering, DevOps, and security will no longer be seen as separate disciplines but as part of a larger whole. Finally, he will cover how risk management is critical in addressing this new integrated set of challen...
Five technology trends to look for in 2023 according to Jitterbit
Friday, January 13, 2023 by Richard Harris
Sometimes the pace of work can get so fast that it can be hard for business leaders to slow down long enough to really scrutinize the technologies and tools that are shuttling their business along. Yet it's crucial to understand the latest technology trends because those technologies are precisely the engines that have the power to help organizations keep up the pac...
TrueNAS R30 launches from iXsystems
Friday, December 23, 2022 by Freeman Lightner
iXsystems, the company behind TrueNAS, has announced the RELEASE of TrueNAS SCALE 22.12 "Bluefin", the second major version of TrueNAS SCALE and the industry’s most powerful open source hyper-converged storage OS. Developed in true open source fashion alongside the hundreds of thousands of members in the TrueNAS Community, this storage software release f...
Zero trust policies for software releases could be key
Thursday, December 8, 2022 by Gopinath Rebala
Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...
Infrastructure as Code enhancements from Quali
Monday, November 7, 2022 by Richard Harris
Quali announced new capabilities that simplify the management of Infrastructure as Code (IaC), strengthen infrastructure governance, and provide further actionable data on the usage and cost of cloud infrastructure.
Torque delivers on businesses’ need to scale with transparency and controls to ensure governance and accountability without introducing inhibitors ...
Ransomware prevention platform ProLion sees large increase in revenue
Monday, October 24, 2022 by Freeman Lightner
ProLion has recorded an 80 percent increase in revenue for FY2022, driven by the addition of over 250 new customers worldwide. The uplift has been driven by demand for its ransomware protection solution CryptoSpike, which has soared as a result of the rise in ransomware and ransomware-as-a-service attacks.
The company also reported a renewal rate of 89...
The value of BizDevSecOps for developers
Friday, August 26, 2022 by Richard Harris
Gregg Ostrowski serves as the Executive CTO at AppDynamics, part of Cisco. In this Q&A, he goes in-depth on the value of BizDevSecOps for developers, including how it helps break down silos and build bridges among business, security, developer, and operations teams. Gregg highlights how the framework evolved from DevOps and DevSecOps, as well as why it is ...
Traceable AI and ArmorCode integration
Wednesday, August 24, 2022 by Brittany Hainzinger
ArmorCode has announced an integration with Traceable AI which will bring its data into the ArmorCode platform and improve Application Security Posture from code to cloud.
To move at the speed of business, modern applications are increasingly powered by APIs to deliver functionality. The challenge is that each new API must be secured and as the number of APIs in...
Celebrities promoting NFTS warned by TINA
Friday, August 19, 2022 by Brittany Hainzinger
An increasing number of celebrities are jumping on the NFT bandwagon, showcasing their digital assets on social media for the world to see. But are they just showing off or do they have a personal stake in the NFT and/or NFT company that they aren’t properly disclosing? Ad watchdog truthinadvertising.org (TINA.org) is seeking answers.
TINA.org has sent letters ...
How you can benefit from a hybrid source model
Monday, August 8, 2022 by Richard Harris
Open-source software takes a decentralized, collaborative approach to software development. By bringing large groups of developers together, it can boost visibility and drive the adoption of new technologies. However, because of its complex review and release processes, the open-source model may limit a company’s ability to innovate rapidly and maintain cohesive c...
Productive developers prefer quality code
Monday, July 11, 2022 by Richard Harris
New research from Rollbar, a provider of real-time error monitoring Software as a Service, indicates that nearly a third (32%) of CTOs, developers, engineers, and technical leads feel the most productive when they are creating better quality code and not just more code. Nearly as many (28%) said that meeting and exceeding their managers’ expectations is what ...
