Malware

According to ESG research, 52% of organizations believe that security operations are more difficult today than they were two years ago, due to factors such as the dangerous threat landscape, growing attack surface, and the volume/complexity of security alerts. In analyzing this data, I see a common theme: scale. Security teams must be able to scale operations to deal with the increasing volume of everything coming at them. Faced with a global cybersecurity skills shortage,…

Read More

Java services company Azul has unveiled Azul Vulnerability Detection, a SaaS product that leverages the Azul JVM to continuously monitor Java applications for security vulnerabilities. Azul Vulnerability Detection, introduced November 2, is an agentless cloud service designed for production use. It addresses enterprise risk around software supply chain attacks and eliminates false positives while not impacting performance, Azul said. Accessible from azul.com, Azul Vulnerability Detection identifies code running in the Azul JVM and maps it…

Read More

The US Government Accountability Office (GAO) released a comprehensive report in late September 2022 that discussed the need for dedicated privacy leadership within the departments and agencies of the executive branch of government if goals surrounding privacy are to be achieved. The report highlighted how this void in leadership was in essence putting at risk well-intentioned plans and procedures for protecting the personal identifiable information (PII) held within those entities. The GAO recommended that Congress…

Read More

Cybersecurity vendor Netacea has announced the launch of a new Business Logic Intelligence Service (BLIS) designed to give customers actionable insight to help them tackle malicious bot activity and security threats. The firm said that the tiered, fee-based service will provide organizations with bot threat intelligence based on research including analysis of dark web forums and marketplaces. Earlier this year, the 2022 Imperva Bad Bot Report revealed an uptick in malicious bot activity driving online…

Read More

Passwords have always been a pain point in securing computing infrastructure. Complexity and length are key components of a strong password, but both make it inherently difficult for a human to remember. Additionally, passwords should be changed periodically, fine when you’re working with a handful of devices, but when your network is distributed geographically with hundreds, or thousands of computers things get more complex. Fortunately, Microsoft has had a solution to this problem in the…

Read More

The OpenSSL project released a patch for two high severity vulnerabilities in the world’s most widely used cryptographic library. The project’s maintainers warned users since last week to prepare for a critical patch on November 1, but the severity has since been downgraded following additional testing. Organizations should still determine which of their applications and servers are impacted and deploy the patches as soon as possible. The vulnerabilities affect all versions of OpenSSL 3.0, which…

Read More