Security vulnerabilities stories - Page 6
Iran-sponsored group using GitHub to deploy custom malware
Tue, 13th Dec 2022
#
app development
#
advanced persistent threat protection
#
apm
The Secureworks Counter Threat Unit (CTU) has uncovered a subgroup of Iranian Cobalt Mirage using GitHub to store and deploy malware.
China-based threat group targeting SE Asia, says Mandiant
Fri, 9th Dec 2022
#
malware
#
advanced persistent threat protection
#
cybersecurity
Identified as UNC4191, this cyber espionage threat leverages USB devices as an initial infection vector, concentrates on the Philippines, and has a China nexus.
ASX 200 companies on-par with FTSE 350, Fortune 500 - report
Mon, 5th Dec 2022
#
email security
#
rapid7
#
security vulnerabilities
ASX 200 companies have a good security posture, on-par with global counterparts, according to a new report by Rapid7.
Rapid7 unveils new capabilities to simplify CDR at AWS event
Thu, 1st Dec 2022
#
public cloud
#
aws
#
cloud services
Rapid7 showcases new capabilities at AWS re:Invent 2022 to make cloud detection and response and vulnerability assessments easier.
Varonis Systems launches new program through HackerOne
Thu, 1st Dec 2022
#
cloud security
#
saas
#
advanced persistent threat protection
Data security and analytics pioneer Varonis Systems has launched its public vulnerability disclosure program through HackerOne.
Forescout’s Vedere Labs details OT vulnerabilities in latest study
Wed, 30th Nov 2022
#
it in manufacturing
#
iot security
#
forescout technologies
Forescout’s Vedere Labs disclosed an update to its OT:ICEFALL study distributed in June 2022, which detailed vulnerabilities found in thousands of OT devices.
Gallagher named Security Software Manufacturer of the Year
Mon, 28th Nov 2022
#
advanced persistent threat protection
#
cyber threats
#
security vulnerabilities
Global security manufacturer Gallagher has been awarded the Security Software Manufacturer of the Year accolade at the 2022 Security & Fire Excellence Awards.
Application Portfolio Management: A quick win today or a crisis tomorrow
Wed, 23rd Nov 2022
#
digital transformation
#
it debt
#
security vulnerabilities
It’s highly likely that Application Portfolio Management (APM) isn’t at the top of your to-do list. It may not even be on your list anymore.
HackerOne launches Gold Standard Safe Harbour statement
Thu, 17th Nov 2022
#
app development
#
apm
#
hackers
The GSSH is a short, broad, easily-understood safe harbour statement that’s simple for customers to adopt, HackerOne states.
Genetec warns against cyber crime risk from older systems
Thu, 17th Nov 2022
#
advanced persistent threat protection
#
security vulnerabilities
#
unified threat management
With the ever-increasing rise in cyber crime, Genetec is cautioning organisations of all sizes to be vigilant about the cybersecurity risk.
Varonis Labs discovers SQLi and access flaws in Zendesk
Wed, 16th Nov 2022
#
cybersecurity
#
nac
#
security vulnerabilities
Varonis helped solve an SQLi vulnerability and an access control flaw in Zendesk Explore that would have allowed a threat actor to leak data.
Aqua Security unveils new Lightning Enforcer offering
Wed, 16th Nov 2022
#
application security
#
advanced persistent threat protection
#
cybersecurity
Aqua Security launches Lightning Enforcer, an eBPF-based technology that provides real-time protection against zero-day attacks.
Building on the ‘Essential Eight’ with a people-centric approach to cybersecurity
Wed, 16th Nov 2022
#
breach prevention
#
iot
#
security vulnerabilities
Organisations often combat threats by placing too much emphasis on technology alone and too little emphasis on people and their behaviour.
Text4Shell++ - Where there’s smoke, there’s fire
Mon, 14th Nov 2022
#
devsecops
#
application security
#
web development
Apache's watchTowr Platform has identified dangerous string interpolation operators that could be abused by attackers.
.
Claroty's Team82 uncovers new ABB TotalFlow vulnerability
Mon, 14th Nov 2022
#
ransomware
#
cybersecurity
#
security vulnerabilities
New vulnerability found in ABB TotalFlow flow computers and controllers exposes oil and gas utilities to potential attacks.
Flashpoint releases a new ransomware prediction model
Fri, 11th Nov 2022
#
ransomware
#
cybersecurity
#
security vulnerabilities
It links individual vulnerabilities in ransomware operations, helping vulnerability management teams prevent potential cyber extortion events with VulnDB.
GitHub Universe: company unveils new enterprise products
Thu, 10th Nov 2022
#
app development
#
apm
#
open source
GitHub has announced a range of new products designed to accelerate the company's push into major enterprises at its San Francisco event.
Video: 10 Minute IT Jams - An update from Azul
Wed, 9th Nov 2022
#
advanced persistent threat protection
#
web development
#
development
Today on 10 Minute IT Jams, we are joined by Erik Costlow, who is the Senior Director of Product Management, Azul.
Azul launches a new Saas to secure software supply chain
Fri, 4th Nov 2022
#
saas
#
web development
#
cybersecurity
Azul’s Vulnerability Detection, the new SaaS product, continuously detects vulnerabilities in Java applications by eliminating false positives.
New Trustwave solution designed to uncover complex vulnerabilities
Wed, 2nd Nov 2022
#
testing
#
trustwave
#
security vulnerabilities
Trustwave introduces its new Enterprise Pen Testing offering to meet the testing needs of large organizations with extensive vulnerability identification.
Varonis uncovers two new Windows vulnerabilities
Thu, 27th Oct 2022
#
internet explorer
#
security vulnerabilities
#
windows
Users don’t have to use Internet Explorer for its legacy to have left you vulnerable to LogCrusher and OverLog.
Blue Connections improves The Dempsey Group's security posture
Tue, 18th Oct 2022
#
firewall
#
network management
#
network security
Blue Connections was chosen by The Dempsey Group to provide a Fortinet network security solution to refresh its ageing network infrastructure.
Claroty reveals new cryptographic key extraction method
Fri, 14th Oct 2022
#
information protection
#
claroty
#
security vulnerabilities
Claroty's Team82 exposes major security vulnerabilities in Siemens PLCs and Dataprobe's PDUs, prompting urgent updates.
Deloitte appoints Chris Gatford & Keith Hazelwood as CEO
Fri, 7th Oct 2022
#
testing
#
digital transformation
#
deloitte
Deloitte is expanding its cyber security offerings, with the team from leading cyber consultancy, Hacktive, joining the firm.