CSO slideshow - Insider Security Breaches - Flag of China, binary code
risk assessment - challenge - danger

A magnifying lens exposes an exploit amid binary code.

CISA issues emergency warning over two new VMware vulnerabilities

The U.S. Cybersecurity and Infrastructure Agency issues emergency security directive over VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973, which threat actors are likely to exploit.

intro security vulnerability

Two account compromise flaws fixed in Strapi headless CMS

The vulnerabilities allow attackers to use a low-privilege account to reset the password of a higher-privilege account.

Encryption  >  A conceptual technological lock and encrypted code.

QuSecure launches end-to-end post-quantum cybersecurity solution

QuSecure claims new solution is the industry’s first end-to-end quantum software-based platform that protects encrypted communications and data using a quantum-secure channel.

Multiple-exposure shot of a clock and calendar pages. [time / past / future / history / what's next]

WannaCry 5 years on: Still a top threat

As security pros reminisce about the ransomware’s anniversary, some note the more things change, the more they stay the same.

cloud security / data protection / encryption / security transition

Deepfence Cloud builds on ThreatStryker security observability platform

The SaaS version of ThreatStryker will build on its real-time observation and protection abilities, spanning multiple cloud and development instances.

Industry 4.0 / Industrial IoT / Smart Factory / robotics / automation

NanoLock’s zero-trust cybersecurity suite to protect industrial machinery, production lines

Vendor claims to be the first to offer device-level protection solutions designed for legacy and new industrial machinery and smart factory production lines.

digital identity / authentication

Open-source standard aims to unify incompatible cloud identity systems

The project uses open source tech and a new common policy format to manage identity access policies across multi-clouds, on-premises systems, and vendors.

open source box open box out of the box empty

Google to launch repository service with security-tested versions of open-source software packages

The paid Assured Open Source Software service will offer common open-source packages after vetting the provenance of its code and dependencies.

sucessfully transitioning to devsecops

Rezilion launches Dynamic SBOM for software supply chain devsecops

Rezilion’s new Dynamic SBOM (software bill of materials) works with its devsecops platform and is designed to help security teams understand how software components are being executed in runtime.

binary cyberattack cybersecurity hacked protected

CISOs worried about material attacks, boardroom backing

CISOs are also less concerned about ransomware attacks, but many says their organizations are still not properly prepared for them.


Intel bets big on security as a service for confidential computing

At its inaugural Vision event, Intel launched a security as a service initiative called Project Amber for confidential computing in the cloud, and outlined its support for secure and responsible AI and quantum-resistant cryptography....

Security system alert: 'DANGER'

Five Eyes nations warn MSPs of stepped-up cybersecurity threats

The warning likely comes in response to an increase in attacks on managed service providers, through which threat actors can access their clients.

20151027 red hat logo

Red Hat debuts edge features for Linux, Kubernetes platform security

At its annual Summit event, Red Hat is rolling out new edge-computing features for the company’s well-known enterprise Linux distribution, and security features for its Advanced Cluster Security for Kubernetes platform.

binary code, magnifying lens, skull and crossbones

Threat hunters expose novel IceApple attack framework

Suspected state-sponsored threat actor uses IceApple to target technology, academic and government sectors with deceptive software.

An anonymous hooded figure is surrounded by an abstract network of avatars.

ForgeRock offers AI-based solution for identity-based cyberattacks

ForgeRock Autonomous Access is designed to eliminate account takeovers and prevent fraud in real-time, using a combination of AI and advanced pattern recognition.

backdoor / abstract security circuits, locks and data blocks

Stealthy Linux implant BPFdoor compromised organizations globally for years

The China-linked backdoor takes advantage of the Berkeley Packet Filter on Unix systems to hide its presence.

trojan horse malware virus binary by v graphix getty

New RAT malware uses sophisticated evasion techniques, leverages COVID-19 messaging

Nerbian RAT malware uses significant anti-analysis and anti-reversing capabilities along with multiple open-source Go libraries to conduct malicious activity.

programmer certification skills code devops glasses student by kevin unsplash

Progress launches Chef Cloud Security to extend DevSecOps to cloud-native assets

The software provider has also enhanced its underlying security and compliance mechanism Chef InSpec with new features.

Load More