Search results for: open sources

Handshake

AirHop partners with Juniper Networks to accelerate 4G and 5G network deployments

AirHop Communications announced they are joining the Juniper Networks Technology Alliance Partner ecosystem. The partnership will enable the integration of AirHop’s field-hardened Radio Access Network (RAN) automation and optimization applications as O-RAN Alliance compatible eSON xApps and eSON360 rApps on Juniper’s RAN Intelligent Controller (RIC). The integrated automation and optimization Apps will accelerate and simplify 4G and 5G network deployments and operations, resulting in increased spectral efficiency by up to 30%, contributing to lower OpEx … More

MITRE ATT&CK

Released: MITRE ATT&CK v10

MITRE Corporation has released the tenth version of ATT&CK, its globally accessible (and free!) knowledge base of cyber adversary tactics and techniques based on real-world observations. Version ten comes with new Data Source objects, new and changed techniques in its various matrices, key changes to facilitate hunting in ICS environments, and more. Source: MITRE MITRE ATT&CK v10 The most prominent change in this newest version of the framework is new objects with aggregated information about … More

encryption

Many organizations lack basic cyber hygiene despite high confidence in their cyber defenses

SpyCloud released an analysis of IT security leaders’ perceived threat of ransomware attacks and the maturity of their cybersecurity defenses. The report found that while 81% of those surveyed consider their security to be above average or exceptional, many lack basic cyber hygiene – 41% lack a password complexity requirement, one of the cheapest, easiest forms of protection, and only 55.6% have implemented multi-factor authentication (MFA). “The loss of data and resources due to ransomware … More

Splunk enhances security solutions to help organizations embrace digital transformation

Splunk announced a series of new product innovations designed to help organizations securely embrace digital transformation by providing the security visibility needed to accelerate time to detection, investigation and response. Led by new enhancements to Splunk Security Cloud and Splunk SOAR, Splunk provides organizations a comprehensive Security Operations Center (SOC) platform with intelligence, analytics and automation. Enterprise security leaders are in the midst of massive digital transformation, which was further accelerated over the last year … More

stop

Secure your databases against opportunistic attackers

If you connect databases / servers to the internet and secure them poorly, you can count on them getting compromised quickly. According to findings by Radoslaw Zdonczyk, Security Researcher at Trustwave SpiderLabs, there will be login attempts even before the systems’ IP addresses get listed by internet scanners like Shodan and BinaryEdge, and once that happens, their number will grow. Hackers are ready to pounce For his experiment, Zdonczyk deployed two MySQL and MariaDB servers … More

biometrics

Multi-factor authentications soar as enterprises move away from passwords to secure hybrid workers

Enterprises are taking steps to move away from passwords and adopting low-friction authentication methods to protect the hybrid workforce, a Cisco’s Duo Security report reveals. Multi-factor authentications increased significantly While the total number of multi-factor authentications increased 39% in the past year, biometric authentications grew even faster at 48%. The report analyzed data from more than 36 million devices, over 400 thousand unique applications and roughly 800 million monthly authentications. It revealed how organizations across … More

AI

Policy automation to eliminate configuration errors

Far too often, major security breaches can be traced back to a configuration error. Changes and adjustments to network and security configurations are unavoidable; they are a necessary part of managing a company’s technology environment. But it’s important to recognize that they are also risky and can have unexpected consequences – from service interruptions, performance degradation and unintended downtime to security breaches and violations of compliance requirements. A complex environment On the surface, it might … More

endpoint protection

70% of businesses can’t ensure the same level of protection for every endpoint

A Deep Instinct research, which seeks to discover the cybersecurity concerns keeping CISO’s and SecOps professional up at night, found that 86% of UK respondents believe it is not possible to fully prevent ransomware and malware attacks from compromising their organizations defenses. It also found that the rise in the number of endpoints that businesses need to protect continues to be a key source of risk exposure. The research, which surveyed 1,500 cybersecurity professionals globally … More

Datto SaaS Defense protects cloud-based applications for MSPs

Following its acquisition of Israel-based cyber threat detection company BitDam earlier this year, Datto debuted its SaaS Defense security product built exclusively for MSPs. The advanced threat protection and spam-filtering solution provides MSPs with patented technology to proactively detect and prevent malicious malware, phishing, and Business Email Compromise (BEC) attacks that target Microsoft Exchange, OneDrive, SharePoint, and Teams. “MSPs protect and manage more Microsoft 365 accounts collectively than any one enterprise. This technology will now … More

Aqua Security launches CNDR capabilities to detect patterns and respond with granular runtime controls

Aqua Security adds a new detection and response capability (CNDR) to its Cloud Native Application Protection Platform (CNAPP), using real-time behavioral indicators to identify zero-day attacks from low-level eBPF events surfaced by Aqua’s open source project Tracee. The new detection capabilities, combined with Aqua’s runtime security controls, make Aqua the only vendor that can both detect and granularly prevent malicious activity from spreading without disrupting the production environment. Newly identified behavioral indicators CNDR leverages continually … More

ThreatMapper

ThreatMapper: Open source platform for scanning runtime environments

Deepfence announced open source availability of ThreatMapper, a signature offering that automatically scans, maps and ranks application vulnerabilities across serverless, Kubernetes, container and multi-cloud environments. Scanning runtime environments ThreatMapper is an open source platform for scanning runtime environments for software supply chain vulnerabilities and contextualizing threats to help organizations determine which to address and when. Taking threat feeds from more than 50 different sources, the comprehensive suite of ThreatMapper capabilities and features are available on … More

Software

Fugue adds Kubernetes security checks for securing IaC and cloud runtime environments

Fugue announced support for Kubernetes security prior to deployment. Using policy as code automation built on the open source Regula policy engine, Fugue provides a unified platform for securing infrastructure as code (IaC) and cloud runtime environments using a single set of policies, saving cloud teams significant time and ensuring consistent policy enforcement across the development life cycle. With this release, organizations can now use Fugue to secure infrastructure as code for Kubernetes, Terraform and … More