DevOps and security: How to make disjointed security and DevOps teams work effectively
As organizations build their “software factories”, leveraging the latest DevOps organizational models and CD/CI techniques to get applications out quickly, they still find …
How task management and easy collaboration can help your security team
Many individuals struggle with organizing their day-to-day work. In instances where they are expected to perform many disparate tasks, disorganization could end up being fatal …
Consumers can’t shake risky security habits
Despite almost half of U.S. consumers (49 percent) believing their security habits make them vulnerable to information fraud or identity theft, 51 percent admit to reusing …
Hybrid cloud complexity pushes organizations to look for more security tools
As more organizations embrace hybrid cloud – with more than 50 percent claiming a hybrid cloud setup – and serverless, now used by close to third of organizations, …
Self-encrypting SSDs vulnerable to encryption bypass attacks
Researchers have discovered security holes in the hardware encryption implementation of several solid state disks (SSDs) manufactured by Crucial (owned by Micron) and Samsung, …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
GPU side channel attacks can enable spying on web activity, password stealing
Computer scientists at the University of California, Riverside have revealed for the first time how easily attackers can use a computer’s graphics processing unit, or …
How financial institutions can change the economics of fraud
In 2017, the number of identity fraud victims in the United States has risen to nearly 17 million. As the US became the last of the G20 countries to adopt Chip and …
Countering threats: Steps to take when developing APIs
High profile data breaches resulting from faulty APIs continue to make headlines. In the last few months alone, T-Mobile’s data breach resulted in hackers stealing personal …
High risk vulnerability discovered in Sauter CASE Suite building automation software
Applied Risk researcher, Gjoko Krstic, has identified a security vulnerability in the Sauter CASE Suite, a software package used to handle building automation projects with …
Post implementation, GDPR costs higher than expected
A Versasec survey examining the global impact of the General Data Protection Regulation (GDPR) nearly six months after its roll-out shows the privacy regulation costs more to …
Netflix releases desktop versions of device security app Stethoscope
In early 2017, the Netflix team open sourced Stethoscope, an application that collects information about users’ devices and provides them with recommendations for securing …
Featured news
Resources
Don't miss
- The unseen side of malware and how to find it
- SonicWall says attackers compromised some firewall configuration backup files
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security