0

April 28, 2022

Security News

U.S Cybersecurity Agency Lists 2021’s Top 15 Most Exploited Software Vulnerabilities

Log4Shell, ProxyShell, ProxyLogon, ZeroLogon, and flaws in Zoho ManageEngine AD SelfService Plus, Atlassian Confluence, and VMware vSphere Client emerged as some of the top...

0

April 21, 2022

NEWS & INDUSTRY / Vulnerabilities

Cisco Patches Virtual Conference Software Vulnerability Reported by NSA

Cisco on Wednesday announced the release of patches for several high-severity vulnerabilities in its products, including a bug reported by the National Security Agency...

0

April 15, 2022

Identity & Access / NEWS & INDUSTRY

House Panels Probe Gov’t Use of Facial Recognition Software

Two House committees have launched an investigation into the government’s use of facial recognition software that was most recently used by the Internal Revenue...

0

April 15, 2022

Security News

Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software

Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller (WLC) that could be abused by an unauthenticated, remote...

0

April 5, 2022

Security News

FIN7 Hackers Leveraging Password Reuse and Software Supply Chain Attacks

The notorious cybercrime group known as FIN7 has diversified its initial access vectors to incorporate software supply chain compromise and the use of stolen...

0

March 23, 2022

Security News

Some developers are fouling up open-source software

One of the most amazing things about open-source isn’t that it produces great software. It’s that so many developers put their egos aside to...

0

March 22, 2022

Application Security / Audits / Cloud Security / Compliance / Data Protection / Email Security / Endpoint Security / Identity & Access / Mobile Security / Network Security / NEWS & INDUSTRY / Privacy / Risk Management / Tracking & Law Enforcement / Virus & Malware / Vulnerabilities / Wireless Security

‘Secrets Sprawl’ Haunts Software Supply Chain Security

A cybersecurity startup is warning of a major, unattended weak link in the software supply chain: the vexing problem of valuable corporate secrets —...

0

March 21, 2022

Security News

Corrupted open-source software enters the Russian battlefield

It started as an innocent protest. Npm, JavaScript’s package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called...

0

March 21, 2022

Audits / Compliance / Cybercrime / Management & Strategy / NEWS & INDUSTRY / Privacy / Privacy & Compliance / Risk Management

Italy Investigates Russia’s Kaspersky Antivirus Software

Italy’s data privacy watchdog said Friday it was investigating the “potential risks” that Russian antivirus software Kaspersky could be used to launch cyberattacks. It...

0

March 17, 2022

Application Security / Audits / Cloud Security / Compliance / Cyberwarfare / Data Protection / Disaster Recovery / Email Security / Endpoint Security / Identity & Access / Malware / Network Security / NEWS & INDUSTRY / Privacy / Risk Management / Security Architecture / Virus & Malware / Vulnerabilities

Software Supply Chain Weakness: Snyk Warns of ‘Deliberate Sabotage’ of NPM Ecosystem

Software supply chain security fears escalated again this week with the discovery of what’s being described as “deliberate sabotage” of code in the open-source...