Canadian privacy laws revisited: Is your organization staying ahead of the curve?

Illustrated by Dorathe Victor

The Personal Information Protection and Electronic Documents Act (PIPEDA) is well known to organizations based in Canada. In place for more than 20 years, it sets out rules for how businesses should collect, use, and disclose personal information in the course of commercial activities. Some pieces of personally identifiable information (PII) that are protected under PIPEDA are name, age, ID number, income, ethnic origin, blood type, and more.

Russia-Ukraine War Raising the Awareness of Nation-State Attacks

The Russian invasion of Ukraine has heightened government and business awareness of the reality of nation-state cyber threats. To cover all the implications of the threat posed by nation-state actors and the groups they sponsor, we sat down with Gary De Mercurio, VP, Global Practice Lead, Trustwave SpiderLabs.

Scan your software packages for security vulnerabilities with JFrog Xray

Scanning your packages for security vulnerabilities and license violations should be done as early as possible in your SDLC. This concept, also known as “Shifting Left”, helps your organization comply with security policies and standards early in the software development process. As developers, this may seem like a hassle, but with JFrog CLI it’s easy!

Challenges that impact the Cybersecurity talent pipeline

Cyberattacks are alarming, and establishments must increase protections, embrace a layered approach, and cultivate security-conscious users to combat growing concerns. Cybersecurity leaders are being inundated with talent development resources covering hiring, recruitment, and retention across the talent pipeline. Fifty percent of hiring managers typically deem that their candidates aren’t highly qualified.

Critical Unauthenticated RCE Vulnerability in Zyxel Firewalls - CVE-2022-30525

On Thursday, May 12, 2022, Zyxel released a patch advisory for an unauthenticated remote code execution (RCE) vulnerability in their line of Firewall products tracked as CVE-2022-30525. The exploitation of this vulnerability can allow a threat actor to modify specific files and execute code remotely on a vulnerable appliance. Proof of Concept (PoC) exploit code for this vulnerability has been made publicly available via multiple sources.

Is your penetration testing weak? Catch hackers at your backdoor with Sumo Logic

If you are an application developer or security analyst, you likely spend a lot of time thinking about your customers’ security. IT operations teams have found many ways to help secure login portals by implementing dual authentication and Single Sign-On (SSO) portals. Many IT organizations have learned to use SSO and Two-Factor Authentication (2FA) to help secure their codebase and employee data. This method is great, assuming that all users are compliant with 2FA.