%term

Quantifying the Probability of Flaws in Open Source

Jul 10, 2024 By Chris Eng In Veracode

Jay Jacobs and I recently delivered an RSA presentation called Quantifying the Probability of Flaws in Open Source. Since many people didn’t get a chance to see it, I thought I’d summarize some of the findings here for posterity. The question we investigated was simple, at least conceptually: what are the red flags of an open-source repository? Are there characteristics of a given open source library that would reliably indicate it was safer than others?

Read Post

Veracode

Read more about Quantifying the Probability of Flaws in Open Source

Essential Considerations When Choosing a DSPM Solution

Jul 10, 2024 By Dana Raveh In CrowdStrike

The advent of cloud technology has revolutionized organizations’ data use and security practices. Cloud development has decentralized data management, with development and DevOps teams — and now business intelligence (BI) and AI teams — dispersing data across multiple cloud service providers, regions and applications. This decentralization has fueled the proliferation of shadow data and heightened the risk of unintentional data exposure.

Read Post

CrowdStrike

Read more about Essential Considerations When Choosing a DSPM Solution

MDR for MSPs: the key to strengthening your portfolio and protecting your customers

Jul 10, 2024 By Iratxe Vazquez In WatchGuard

Managed service providers (MSPs) are key players in enterprise security, providing critical security services for customers who often lack in-house teams to manage them. However, the cyberthreat landscape is growing increasingly complex and challenging, even for these experts.

Read Post

WatchGuard

Read more about MDR for MSPs: the key to strengthening your portfolio and protecting your customers

Financial Business and Consumer Solutions Data Breach

Jul 10, 2024 By IDStrong In IDStrong

Financial Business and Consumer Solutions (FBCS) was founded in 1982 as Federal Bond Collection Services and currently has over 100 employees. Based in Pennsylvania, the name was later changed in 2014. The company is a licensed debt collection agency offering specialized solutions for creditors across various product verticals to meet their diverse needs. Such creditors include those playing in healthcare, consumer credit, utilities, auto, and education services.

Read Post

IDStrong

Read more about Financial Business and Consumer Solutions Data Breach

Secrets of a Cyber CEO: The Truth About Running a Cybersecurity Business with Jane Frankland

Jul 10, 2024 By Razorthorn In Razorthorn

Unlock the secrets to successfully navigating the cybersecurity business landscape with insights from industry legend Jane Frankland on this episode of Razorwire. Welcome to Razorwire, I'm your host, Jim and in today’s episode, we have the privilege of discussing the intricacies of running a successful cybersecurity business with none other than Jane Frankland. With over 26 years in the industry, Jane has built and sold businesses, influenced trends and mentored the next generation of cybersecurity professionals.

View Video

Razorthorn

Security

Read more about Secrets of a Cyber CEO: The Truth About Running a Cybersecurity Business with Jane Frankland

Navigating Compliance: A Guide to the U.S. Government Configuration Baseline

Jul 10, 2024 By Dan Jamison In Tripwire

For cybersecurity professionals tasked with defending the public sector, tackling the U.S. Government Configuration Baseline (USGCB) is just another hurdle to a safer federal tomorrow. Part of a wide collection of necessary federal government compliance requirements, it hones in on which baseline security configurations are necessary for federally deployed IT products.

Read Post

Tripwire

Read more about Navigating Compliance: A Guide to the U.S. Government Configuration Baseline

Uncover the Power of ThreatQ Platform: A Comprehensive Analysis

Jul 10, 2024 By Guest Blog In ThreatQuotient

In the ever-evolving landscape of cybersecurity, organizations face a growing number of sophisticated threats. To stay ahead, they must leverage advanced threat intelligence solutions that allow organizations to not only provide comprehensive insights but also empower them to act swiftly and decisively against a wide variety of threats and vulnerabilities. Enter ThreatQuotient, a leading player in the digital threat intelligence management space.

Read Post

ThreatQuotient

Read more about Uncover the Power of ThreatQ Platform: A Comprehensive Analysis

CTI Roundup: FakeBat Loader-as-a-Service, ESET H1 2024 Threat Report

Jul 10, 2024 By Tanium In Tanium

FakeBat loader spreads via multiple infection chains, and ESET releases its threat report from the first half of 2024.

Read Post

Tanium

Read more about CTI Roundup: FakeBat Loader-as-a-Service, ESET H1 2024 Threat Report

Polyfill.io Supply Chain Attack: Malicious JavaScript Injection Puts Over 100k Websites At Risk

Jul 10, 2024 By Wallarm In Wallarm

Polyfill.io helps web developers achieve cross-browser compatibility by automatically managing necessary polyfills. By adding a script tag to their HTML, developers can ensure that features like JavaScript functions, HTML5 elements, and various APIs work across different browsers. Originally developed by Andrew Betts, Polyfill.io injects JavaScript polyfill libraries based on the user agent or other characteristics, streamlining code maintenance.

Read Post

Wallarm

Read more about Polyfill.io Supply Chain Attack: Malicious JavaScript Injection Puts Over 100k Websites At Risk

Why You Need To Protect Your Streaming Services And How To Do It

Jul 10, 2024 By SecuritySenses In SecuritySenses

The best part about streaming services is that you get to share them with your friends. One person pays for Netflix, another one pays for Roku, a third one pays for Apple TV, and that's how the circle goes. You all share the login details and access all the shows on all platforms. But is it safe, and should you do it?

Read Post