Search results for: software

ransomware

The various ways ransomware impacts your organization

Despite increased investment in tools to fight ransomware, 90% of organizations were affected by ransomware in some capacity over the past 12 months, according to SpyCloud’s 2022 Ransomware Defense Report. Allocation of security budgets Respondents ranked the risk of attack through third-party vendors as the main factor driving the allocation of security budgets, followed by the rise in frequency and sophistication of ransomware attacks. As a result, organizations’ ransomware mitigation solutions focus increasingly on the … More

open source

Open source projects under attack, with enterprises as the ultimate targets

Sonatype has found a massive year-over-year increase in cyberattacks aimed at open source projects. According to early data from Sonatype’s 8th annual State of the Software Supply Chain Report, an average 700% jump in cyberattacks against open source projects/repositories has been recorded over the last three years. To capitalize on weaknesses in upstream open source ecosystems, cybercriminals continue to target organizations through open source repositories. They contribute malware-infected software components that are distributed downstream and … More

Handshake

HBC selects Veeam to improve data protection and ransomware resilience

Veeam Software announced that HBC, a holding company of investments and businesses that operates at the intersection of technology, retail operations and real estate, has chosen Veeam Availability Suite to centralize data protection on premises and across clouds. Veeam helps HBC ensure business continuity, meet internal governance compliance requirements and protect against ransomware. Additionally, HBC saved more than $1 million in a one-time capital expenditure and saves $600,000 in recurring operational expenses annually. From the … More

architecture

3 ways to gauge your company’s preparedness to recover from data loss

Use these three questions to assess your company’s preparedness to retrieve lost data. 1. Do you have backups of your data? This fundamental question is the basis of your reaction and remediation strategy. Without a backup, data loss is inevitable. Where you store your data backup is nearly as important as creating copies in the first place. Storing your data in the cloud does not mean it is secure. Cloud services follow the cloud shared … More

Fuzz CLI

CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++

Fuzz testing helps developers protect their applications against memory corruptions, crashes that cause downtime, and other security issues, including DoS and uncaught exceptions. Code Intelligence has open-sourced a new security tool, CI Fuzz CLI, which lets developers run coverage-guided fuzz tests directly from the command line to find and fix vulnerabilities at scale. Fuzz testing is gaining popularity in the open-source community. Google’s Open-Source-Security (OSS) team recently reported more than 40,500 bugs in 650 open-source … More

phishing

Phishing attacks skyrocketing, over 1 million observed

The APWG’s Phishing Activity Trends Report reveals that in the second quarter of 2022, the APWG observed 1,097,811 total phishing attacks — the worst quarter for phishing that APWG has ever observed. The total for June was 381,717 attacks or phishing sites. The number of phishing attacks reported has quadrupled since early 2020 — when APWG was observing between 68,000 and 94,000 attacks per month. In the first quarter of 2022, OpSec Security found that … More

security platform

Authomize expands REST API framework to provide in-depth visibility into the IAM permission models

Authomize has expanded its REST API framework that enables customers to easily build their own custom connectors to their cloud and homegrown applications and services in as little as a couple of hours. Authomize’s Software-as-a-Service (SaaS) solution enables organizations to automatically secure access privileges across their entire cloud stack, including IaaS, SaaS, and IAM solutions. Utilizing native connectors, REST APIs, SCIM connectors, and a file uploader, Authomize can ingest, normalize, and analyze identity and access … More

week in review

Week in review: Revolut data breach, ManageEngine RCE flaw, free Linux security training courses

GTA 6 in-development footage leaked American video game publisher Rockstar Games has suffered an unfortunate data leak: someone has released online in-development footage/videos for Grand Theft Auto (GTA) 6, the eagerly anticipated instalment of the popular game. Uber says Lapsus$ gang is behind the recent breach Uber has confirmed that the recent breach of its systems started with a compromised account belonging to a contractor. Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559) Trellix Advanced … More

Appointments

DocuSign hires Allan Thygesen as CEO

DocuSign announced that the Company’s Board of Directors has hired Allan Thygesen as Chief Executive Officer. Allan Thygesen will assume the strategic leadership of the company and a role on DocuSign’s board of directors, effective October 10th. Mary Agnes “Maggie” Wilderotter will conclude her role as interim CEO with this appointment and will help Allan with a smooth transition. She will continue serving as Chairman of DocuSign’s Board of Directors. Allan is joining DocuSign from … More

Appointments

SecurityScorecard appoints Susan M. Gordon to Board of Directors

SecurityScorecard has unveiled that The Honorable Susan M. Gordon, former Principal Deputy Director of U.S. National Intelligence, has been appointed to its Board of Directors as an independent director. Gordon was the second-most senior intelligence official in the U.S., where she provided operational oversight of the agencies within the U.S. Intelligence Community, transforming how the community addressed emerging political, economic and national security trends. “Sue has been a winner at the highest levels of government … More

Appointments

Moshe Bar joins AlmaLinux Board of Directors

Codenotary CEO and chairman, Moshe Bar was elected to the board of the AlmaLinux OS Foundation, which stewards the community owned and governed open source CentOS replacement. Codenotary is a gold sponsor of AlmaLinux and uses the distribution extensively throughout hundreds of cloud instances. AlmaLinux is a free and open source Linux distribution, created originally by CloudLinux to provide a community-supported, production-grade enterprise operating system that is binary-compatible with Red Hat Enterprise Linux (RHEL). “The … More

arrows

Risk management focus shifts from external to internal exposure

Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, application development and mobile app security, social engineering and phishing, and PCI- and FedRAMP-specific findings, with data segmented by industry and company size. The report reflects the results of more than 3,100 penetration tests from nearly 1,600 client engagements in the technology, financial services, healthcare, and retail sectors. Long-term data shows that cyber … More