John P. Mello Jr.

Contributor

John Mello writes on technology and cyber security for a number of online publications and is former managing editor of the Boston Business Journal and Boston Phoenix. Disclosure: He also writes for Hewlett-Packad's marketing website TechBeacon.

Ballooning growth of digital identities exposing organizations to greater cybersecurity risk

Ballooning growth of digital identities exposing organizations to greater cybersecurity risk

New enterprise initiatives are driving up the number of human and digital identities, increasing security risks.

Fuzzing tool company launches initiative to secure open-source software

Fuzzing tool company launches initiative to secure open-source software

ForAllSecure offers to pay developers to use its software to eliminate exploits in their code.

New PCI DSS v4.0 receives kudos for flexibility

New PCI DSS v4.0 receives kudos for flexibility

Customization, multi-factor authentication are key features in PCI DSS v4.0 global payment benchmark.

Upstart crime site woos Raid Forums orphans

Upstart crime site woos Raid Forums orphans

Breach Forums launches as alternative to mysteriously torpedoed illicit cybercrime community.

ESET refreshes enterprise products, embraces XDR

ESET refreshes enterprise products, embraces XDR

Auto-update, brute-force protection, and Android web control are among new features in ESET Protect.

New open-source tool tackles pesky access denial messages in AWS

New open-source tool tackles pesky access denial messages in AWS

Access Undenied will take a CloudTrail event with an 'Access Denied' outcome and tell you how to fix it.

Malware detections surge from

Malware detections surge from "COVID Bounce"

A year after pandemic peak, malicious threats to businesses and consumers rose above pre-virus levels, especially for mobile devices.

ExtraHop adds heat map to its AWS cloud-native security solution

ExtraHop adds heat map to its AWS cloud-native security solution

Reveal(x) 360 uses AI and machine learning to give security teams real-time information on cyberattacks.

Codenotary adds vulnerability scanning to its repertoire

Codenotary adds vulnerability scanning to its repertoire

With new addition, company's cloud solution boasts end-to-end protection of software supply chain.

Fortress creates center for security information on energy suppliers

Fortress creates center for security information on energy suppliers

Vendor library offers means to bolster supply-chain security through data sharing and communication.

Nearly 70% of tested ServiceNow instances leaking data

Nearly 70% of tested ServiceNow instances leaking data

The blame lies with customer misconfigurations, not flaws in the SaaS platform.

HackerOne calls for end of security by obscurity

HackerOne calls for end of security by obscurity

The bug hunting platform offers a proposal for greater corporate cybersecurity responsibility and transparency.

Intel adds security enhancements to vPro line

Intel adds security enhancements to vPro line

Hardware-based machine learning detects ransomware and cryptojacking attacks in real time.

Researchers find new way to neutralize side-channel memory attacks

Researchers find new way to neutralize side-channel memory attacks

The method, developed by MIT, improves on performance of alternative schemes to mitigate side-channel memory attack risks.

Attivo Networks expands Active Directory protection

Attivo Networks expands Active Directory protection

Domain Controller solution guards against bad behavior from unmanaged devices.

Ransomware is top attack vector on critical infrastructure

Ransomware is top attack vector on critical infrastructure

An annual review from Dragos finds much improvement needed to protect industrial systems. More regulation is possible if they don't.

Forcepoint One combines zero trust and SASE under a single umbrella

Forcepoint One combines zero trust and SASE under a single umbrella

Forcepoint introduces a single security platform as an alternative to a best-of-breed approach.

LiveAction tackles encryption blindness with new offering

LiveAction tackles encryption blindness with new offering

ThreatEye NV combines behavior analysis and machine learning to expose malware in encrypted network traffic.

New offering from DNSFilter targets shadow IT risks

New offering from DNSFilter targets shadow IT risks

DNS security firm's AppAware identifies risky apps and helps to subdue them.

Trousseau bolsters its Kubernetes security capabilities with support for HashiCorp Vault

Trousseau bolsters its Kubernetes security capabilities with support for HashiCorp Vault

Open-source software to protect secrets in Kubernetes adds first key manager to its portfolio.

Load More