Fujitsu says the attackers behind the May data breach used a vulnerability in the company’s ProjectWEB information-sharing tool to steal accounts from legitimate users and access...
‘Cloud-native security opens up an opportunity to connect the development side with the runtime and do security better. We want to build a company that can...
The SolarWinds cyberattack was unprecedented in both scope and scale. The sophisticated breach saw hackers bake their exploit into a trusted software update pushed out to...
The Government Accountability Office says CISA should also update its approach to communications sector reliability by securing the supply chain for information and communications technology. The...
From security-first design to safe device disposition, an industrywide initiative called Compute Lifecycle Assurance is making technology more secure for all users. Application-based attacks like the...
The maintainers of GoCD, a widely used, open source tool that automates the continuous delivery (CD) of software, have addressed three vulnerabilities that, if chained, could lead to...
2022 is just around the corner, and we are already following new developments in cybersecurity that will significantly impact your business in this upcoming year and...
Developers must use safer tools, a recent report concluded. After the SolarWinds and Kaseya attacks spread malware far and wide across government and business networks, Palo...
The effort aims to create a user-friendly label to educate consumers about their purchases. The National Institute of Standards and Technology is looking for input on...
An open source toolkit designed to detect and thwart dependency confusion attacks was unveiled at Black Hat Europe 2021 yesterday. Developed by DevSecOps vendor Apiiro, Dependency Combobulator can be embedded...
Recent Comments