Applications

Okta ‘Breaches’ Weren’t Really Breaches

With two high-profile breaches this year, Okta, a leader in identity and access management (IAM), made the kind of headlines that security vendors would rather avoid. After seeing headlines like thes...

The Challenges Facing the Passwordless Future

For years the tech industry has promised a shift toward a passwordless future. In 2013, for example, the FIDO Alliance was created to solve the world’s password problem by replacing login technology....

Software Supply Chain Security Guidance for Developers

Whether it’s package hijacking, dependency confusing, typosquatting, continuous integration and continuous delivery (CI/CD) compromises, or basic web exploitation of outdated dependencies, there are ...

CI/CD Pipeline is Major Software Supply Chain Risk: Black Hat Researchers

Continuous integration and development (CI/CD) pipelines are the most dangerous potential attack surface of the software supply chain, according to NCC researchers. The presentation at last week's...

Security Considerations for Data Lakes

Many of the basic principles for securing a data lake will be familiar to anyone who has secured a cloud security storage container. Of course, since most commercial data lakes build off of existing ...

Exfiltration Can Be Stopped With Data-in-Use Encryption, Company Says

Even the most advanced and sophisticated security tools are failing to protect against ransomware and data exfiltration, according to a new report from data encryption vendor Titaniam. The St...

Best Zero Trust Security Solutions for 2022

A presidential executive order mandating a zero trust strategy for federal agencies has raised the profile of the cybersecurity technology and prompted many non-government IT security managers to co...

25 Most Dangerous Software Vulnerabilities & Flaws Identified by MITRE

MITRE has released its latest list of the top 25 most exploited vulnerabilities and exposures found in software. The MITRE CWE list is different from the product-specific CVE lists from the U.S. C...

CISA Urges Exchange Online Authentication Update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is recommending that government agencies and private organizations that use Microsoft's Exchange cloud email platform migrate users an...

Kubernetes Security Issues: Nearly a Million Instances Exposed on Internet

Cybersecurity researchers have found more than 900,000 instances of Kubernetes consoles exposed on the internet. Cyble researchers detected misconfigured Kubernetes instances that could expose hun...

Latest articles