As key parts of the software ecosystem, and as partners, JFrog and Docker are working together to strengthen the software ecosystem. Part of this effort by JFrog’s security research team involves continuous monitoring of open-source software registries in order to proactively identify and address potential malware and vulnerability threats.

External penetration testing is a critical cybersecurity practice that helps organisations defend their internet-facing assets. By simulating the actions of a real-world attacker, external penetration tests reveal vulnerabilities in your web applications, networks, and other externally accessible systems.

Cyber incident response offers a structured approach to respond to, manage and mitigate security incidents in order to limit the potential disruption of attacks. In this blog, we discuss how small and medium-sized businesses (SMBs) are being impacted by cyber threats, what cyber incident response involves and the steps you can take to protect your business.

On April 24, 2024, Cisco Talos and several government security agencies published details on a sophisticated threat campaign focused on espionage and gaining unauthorized access to sensitive information from targeted government entities and organizations in critical infrastructure. As part of that publication, Cisco disclosed CVE-2024-20353 and CVE-2024-20359, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) devices, which were actively exploited in the documented campaign.

The Critical Entities Resilience (CER) Directive is a new initiative in the EU that aims to ensure that critical entities providing essential services are effectively managing their network and information security. The CER Directive is part of the EU’s latest effort to build stronger cyber resilience across Europe, alongside NIS2 and the EU Cyber Resilience Act.

In January 2023, the European Commission (EC) released an updated version of the European Union (EU) Network and Information Security Directive (NIS2) to strengthen cybersecurity risk management across Europe’s essential services. NIS2 updates the original NIS directive and focuses more on regulations for cloud infrastructure, internet exchanges, domain service providers, and digital service providers.

Clifford Stoll, astronomer, author, and teacher, often joked about computer passwords. He said, “Treat your passwords like a toothbrush. Don’t let anybody else use it, and get a new one every six months.”