Rapid7 has acquired Velociraptor, an open-source endpoint-monitoring organization and community that will continue to operate as a stand-alone entity while the security firm adopts some of its technology. Meanwhile, Zscaler had announced a deal to buy Trustdome.
The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
Joker malware has targeted more than 500,000 Android devices across the world through malicious apps in AppGallery, the official app store of Huawei, according to the security firm Doctor Web.
The latest edition of the ISMG Security Report features an analysis of whether the FBI removing malicious web shells from hundreds of compromised Microsoft Exchange Servers could set a precedent. Also featured is a description of an unusual fraud scam plus an update on security product development trends.
To help mitigate the risks of state-sponsored cyberattacks against India's critical infrastructure - and improve detection and response - requires industry collaboration and information sharing, root cause analysis with specialized forensics, and better testing of code, a panel of experts says.
The goal of a software security program is not to find security vulnerabilities; it is to find and fix security vulnerabilities. If you’ve got flaw details describing the vulnerabilities in your code, but don't have the context needed to address them – you don’t have what you need to lower your risk of breach....
Microsoft issued patches for its on-premises Exchange Server software, addressing four new critical vulnerabilities discovered by the National Security Agency. A zero-day vulnerability in Desktop Window Manager was also disclosed and patched.
Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the new Modern Bank Heists report authored by Tom Kellermann at VMware Carbon Black.
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
The new world of "work from anywhere" is all about connecting users to applications. “It’s just different,” says iBoss CEO Paul Martini. Yet, many enterprises still approach this new dynamic with the wrong security mindset. Martini outlines what they’re missing.
To deliver a secure infrastructure-as-code service, development teams must adopt a "shift left" strategy that brings all the applications and security under one umbrella to provide faster and continuous delivery of the fully automated code, according to Ori Bendet and Igor Markov of Checkmarx.
CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government agencies and companies for cyberespionage.
In this single 40 minute session, you will feel informed on the future of apps, clouds and infrastructure monitoring - and ready to tackle them. SREs, DevOps Team Leaders, ITOps Managers, Cloud Architects and anyone who has to modernize their toolsets to deal with the new business reality of “deliver better, deliver...
The 475,000 euro fine levied against Booking.com by Dutch privacy authorities should serve as a "wake-up call" for other companies when it comes to GDPR, some experts say. The company waited more than 20 days to report the breach to officials instead of the 72-hour window required under Europe's privacy law.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.