%term

CVE-2021-43702 from Discovery to Patch: ASUS Modem/Router Device Takeover Vulnerability

Jun 21, 2022 By Kroll In Kroll

While studying for my master's degree in cyber security, I co-authored a paper regarding the rollout of IoT devices and the security considerations that businesses need to address to ensure these devices are secure. The paper underscored how a large majority of IoT devices used vulnerable components and did not follow basic secure programming principles.

Read Post

Kroll

Read more about CVE-2021-43702 from Discovery to Patch: ASUS Modem/Router Device Takeover Vulnerability

Panther Labs CEO Jack Naglieri: How to make security operations painless

Jun 21, 2022 By Thomas Kinsella In Tines

Today on the Future of Security Operations podcast, Thomas is joined by Jack Naglieri, CEO of Panther Labs, a cloud-native SIEM platform that alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, and huge scalability with zero-ops.

Read Post

Tines

Read more about Panther Labs CEO Jack Naglieri: How to make security operations painless

Improvements in Go Fuzzing (Golang 1.19)

Jun 21, 2022 By Khaled Yakdan In Code Intelligence

Golang was the first programming language to support fuzzing as a first-class experience in version 1.18. This made it really easy for developers to write fuzz tests. Golang 1.14 introduced native compiler instrumentation for libFuzzer, which enables the use of libFuzzer to fuzz Go code. libFuzzer is one of the most advanced and widely used fuzzing engines and provides the most effective method for Golang Fuzzing.

Read Post

Code Intelligence

Read more about Improvements in Go Fuzzing (Golang 1.19)

What is MFA (Multi-Factor Authentication)? Learn How it Works

Jun 21, 2022 By Kyle Chin In UpGuard

Multi-factor authentication (MFA) is an authentication method that requires at least two forms of verification of the user’s identity to gain access to an account, application, or data set. Instead of needing just a username and password to log in, MFA adds additional layers of security by requiring users to verify their identity. Each additional verification method can prevent unauthorized access from cybercriminals or hackers from executing a successful cyber attack.

Read Post

UpGuard

Read more about What is MFA (Multi-Factor Authentication)? Learn How it Works

What is Data Leak Detection Software?

Jun 21, 2022 By Catherine Chipeta In UpGuard

Data leak detection software identifies an organization's data leaks – the accidental public exposure of sensitive data due to software misconfigurations and poor network security. Data leaks quickly become data breaches when cybercriminals identify and exploit this exposed data. The following scenario demonstrates the progression of a cyberattack facilitated by a data leak attack vector.

Read Post

UpGuard

Read more about What is Data Leak Detection Software?

Meet Feroot - Client-Side Security Made Easy

Jun 21, 2022 By Feroot In Feroot

Empower your business with client-side security. Arm your application developers, security professionals, and privacy professionals with reliable client-side security technologies to develop secure JavaScript applications, stop client-side cyberattacks, and ensure compliance with global privacy regulations. Learn more about Feroot Security and what we can do to help you secure your client-side attack surface!

View Video

Feroot

Read more about Meet Feroot - Client-Side Security Made Easy

Privilege Escalation Attacks: Types, Examples and Defence

Jun 21, 2022 By Editor In Cyphere

When a system is breached, compromised or exploited, the attackers never stop after getting the initial access because it doesn’t give them privileged access. And the same thing goes in an offensive security assessment, i.e. infrastructure penetration testing or a red team assessment.

Read Post

Cyphere

Read more about Privilege Escalation Attacks: Types, Examples and Defence

EDR is the Path to XDR

Jun 21, 2022 By CrowdStrike In CrowdStrike

Learn more about why endpoint detection and response (EDR) is foundational for successful extended detection and response (XDR).

View Video

CrowdStrike

Security
XDR

Read more about EDR is the Path to XDR

Announcing the 2022 State of Open Source Security report from Snyk and the Linux Foundation

Jun 21, 2022 By Megan Moore In Snyk

Open source software is a key component in modern applications. It has created a new era in software development, promoting a free exchange of ideas within the developer community and enabling developers to build more functional software, faster than ever. Based on most estimates, 70-90% of any piece of modern software includes open source code.

Read Post

Snyk

Read more about Announcing the 2022 State of Open Source Security report from Snyk and the Linux Foundation

LimaCharlie: Security Infrastructure as a Service

Jun 21, 2022 By LimaCharlie In LimaCharlie

Full featured free tier of two agents. LimaCharlie provides cybersecurity tools and infrastructure on-demand in a way that scales. We call this approach Security Infrastructure as a Service. It is a DevOps or engineering-centric approach to cybersecurity. A way of getting things done that would feel familiar to anybody that has worked with Amazon Web Services or any other major cloud provider. There are no contracts and no minimums. Easily get what you want and only pay for what you use.

View Video