For all the recent focus on artificial intelligence and its potential for deepfake impostures, the boiler room is still very much active in the criminal underworld. WIRED describes the ways in which people in many parts of the world (Ireland, France, Nigeria, and Mexico) have been recruited to work as freelancers for a company that seeks to profit from lonely people looking for love. This is how a typical operation runs.
Whether it’s an employee’s personal laptop, cloud storage, or thumb drive or any one of a countless number of software applications, shadow IT is a constant threat for any IT department.
‘A ship in port is safe, but that's not what ships are built for,’ said Dr. Grace Hopper, Rear Admiral of the US Navy and a computer pioneer. As soon as the ship leaves the harbor, or even the dock, there are risks. Depending on conditions and purposes, the ship's crew might decide they are negligible, that they can be recovered from, or that the potential rewards are worth the risk. The same ideas can be applied to computers.
Earlier this year, we released a report on the top 10 open source vulnerabilities from data based on user scans — giving you an inside look into the most common (and critical) vulnerabilities Snyk users found in their third-party code and dependencies. Building on this trend, we decided to look into the most common vulnerabilities in first-party code. While OWASP served as a guiding light for open source security intel, gathering data on proprietary code was a bit more complex.
In today’s business landscape, security and compliance mean everything. Because of this, many modern businesses look towards solutions that will provide customers and prospects with the most confidence and trust. One of these is SOC 2 compliance and attestation. SOC 2 is a marker of solid and consumer-minded companies that want to protect customer data.
Forrester has named CrowdStrike a Leader in The Forrester Wave™: Managed Detection and Response (MDR), Q2 2023 which recognizes how CrowdStrike’s “exceptional” Falcon Complete MDR service “blends products, platforms, and services seamlessly for customers.” Forrester evaluated 13 top MDR providers based on the strengths of their current offering, strategy and market presence.
I look back on L0pht’s testimony before Congress in 1998 with a mix of pride and reflection. It’s been twenty-five years since our group of hackers (or vulnerability researchers, if you will) stepped up to raise awareness about the importance of internet security in front of some of the world’s most powerful lawmakers. This event marked the beginning of a long journey towards increased cybersecurity awareness and implementation of measures to protect our digital world.
