Securing GitHub Actions for a safer DevOps pipeline
GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment process automation. It allows you to …
Five Eyes agencies detail how Chinese hackers breached US infrastructure
The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored …
Turla’s Snake malware network disrupted by Five Eyes’ authorities
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated …
5 steps to building NSA-level access control for your app
Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it. Especially when it comes to the biggest …
North Korea targets US, South Korean hospitals with ransomware to fund further cyber operations
US and South Korean agencies have issued a joint cybersecurity advisory describing the tactics, techniques and procedures used by North Korean hackers to deploy …
NSA publishes IPv6 Security Guidance
The National Security Agency (NSA) published guidance to help Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with …
State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)
An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) …
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
KSOC announces that its Kubernetes security platform supports hardening NSA/CISA guidelines
KSOC announced that their platform satisfies the Kubernetes hardening guidelines issued by the National Security Agency (NSA) and Cybersecurity and Infrastructure Security …
Dragos partners with NSA and CISA to increase OT cybersecurity for United States critical infrastructure
Dragos has announced initiatives with the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) to strengthen security and visibility …
The dangers behind wildcard certificates: What enterprises need to know
With the National Security Agency recently issuing guidance on the risks associated with wildcard TLS certificates and Application Layer Protocols Allowing Cross-Protocol …
Huntress launches endpoint protection capabilities to defend SMBs from cyberattacks
Huntress launched a series of platform enhancements designed to protect small and midsize businesses (SMBs) from modern cyberthreats. The release includes the general …
Featured news
Resources
Don't miss
- OAuth marketplace apps keep access after publishers vanish
- The modern-day business can learn a lot about risk from this year’s mega events
- Spotless compliance evidence can still hide a broken control
- From critical to controlled: Cutting vulnerabilities in a live manufacturing environment
- Attackers already know the secrets are on your developers’ machines. Do you?