Cloud9 Malware Offers a Paradise of Cyberattack Methods
A malicious browser extension that works on both Google Chrome and Microsoft Edge allows attackers to remotely take over someone's browser session and carry out a full range of...
Rezilion expands SBOM to support Windows environments
Software security platform Rezilion has expanded its Dynamic Software Bill of Materials (SBOM) capability to support Windows environments. The firm said the move will provide organizations with the tools...
GitHub releases new SDLC security features including private vulnerability reporting
GitHub has announced new security features across its platform to help protect the software development lifecycle (SDLC). These include private vulnerability reporting, CodeQL vulnerability scanning support for the Ruby...
Microsoft Quashes Bevy of Actively Exploited Zero-Days for November Patch Tuesday
Microsoft finally patched the publicly known "ProxyNotShell" and Mark of the Web (MotW) security vulnerabilities in its penultimate monthly security update for 2022 — two of six zero-day bugs...
6 Key Kubernetes DevSecOps Principles: People, Processes, Technology
Container-based application deployment is at its peak, as is the popularity of orchestration platforms like Kubernetes that form the underlying infrastructure for containerized applications. Because of its ability to...
Retail Sector Prepares for Annual Holiday Cybercrime Onslaught
For companies in the retail and hospitality sector, the holiday shopping season represents their busiest time of year, both for sales and fighting cybercrime threats.
This year is no different, with companies...
Report: GALA token exploit resulted from public leak of private key on GitHub
According to a new post by blockchain security firm SlowMist on Nov. 7, it appears that the last week’s token exploit affecting GameFi project Gala Games resulted from a public...
SolarWinds Faces Potential SEC Enforcement Act Over Orion Breach
The US Securities and Exchange Commission (SEC) appears poised to take enforcement action against SolarWinds for the enterprise software company's alleged violation of federal securities laws when making statements...
Future of Web3 security with Immunefi and Brave CEOs: The Bug House 2022
Celebrating the myriads of accomplishments earned by the crypto ecosystem, Immunefi, Electric Capital, Bitscale Capital and MA Family together hosted The Bug House — a party for bringing together...
Qualys previews TotalCloud FlexScan for multicloud security management
Vulnerability management vendor Qualys this week announced the trial availability of its TotalCloud with FlexScan offering, an agentless, cloud-native vulnerability detection and response platform designed for use in multicloud...
