Applications

Software Supply Chain Security Guidance for Developers

Whether it’s package hijacking, dependency confusion, typosquatting, continuous integration and continuous delivery (CI/CD) compromises, or basic web exploitation of outdated dependencies, there are ...

CI/CD Pipeline is Major Software Supply Chain Risk: Black Hat Researchers

Continuous integration and development (CI/CD) pipelines are the most dangerous potential attack surface of the software supply chain, according to NCC researchers. The presentation at last week's...

Security Considerations for Data Lakes

Many of the basic principles for securing a data lake will be familiar to anyone who has secured a cloud security storage container. Of course, since most commercial data lakes build off of existing ...

Exfiltration Can Be Stopped With Data-in-Use Encryption, Company Says

Even the most advanced and sophisticated security tools are failing to protect against ransomware and data exfiltration, according to a new report from data encryption vendor Titaniam. The St...

Best Zero Trust Security Solutions

A presidential executive order mandating a zero trust strategy for federal agencies has raised the profile of the cybersecurity technology and prompted many non-government IT security managers to co...

25 Most Dangerous Software Vulnerabilities & Flaws Identified by MITRE

MITRE has released its latest list of the top 25 most exploited vulnerabilities and exposures found in software. The MITRE CWE list is different from the product-specific CVE lists from the U.S. C...

CISA Urges Exchange Online Authentication Update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is recommending that government agencies and private organizations that use Microsoft's Exchange cloud email platform migrate users an...

Kubernetes Security Issues: Nearly a Million Instances Exposed on Internet

Cybersecurity researchers have found more than 900,000 instances of Kubernetes consoles exposed on the internet. Cyble researchers detected misconfigured Kubernetes instances that could expose hun...

Cybersecurity Agencies Release Guidance for PowerShell Security

PowerShell is one of the most common tools used by hackers in "living off the land" attacks, when malicious actors use an organization's own tools against itself. This week, U.S. cybersecurity age...

Microsoft 365 Research Highlights Cloud Vulnerabilities

In a sequence that suggests cloud services may be more vulnerable than many think, Proofpoint researchers have demonstrated how hackers could take over Microsoft 365 accounts to ransom files stored o...

Latest articles