The Russian invasion of Ukraine has heightened government and business awareness around the reality that nation-state cyber threats pose. To cover all the implications of the threat posed by nation-state actors and the groups they sponsor, we sat down with Gary De Mercurio, VP, Global Practice Lead, Trustwave SpiderLabs.

Scanning your packages for security vulnerabilities and license violations should be done as early as possible in your SDLC, and the earlier the better. This concept is also known as “Shifting Left”, which helps your organization comply with security policies and standards early on in the software development process. As developers, this may seem like a hassle, but with JFrog CLI it’s easy!

It’s your turn, Android folks! The newest generation of 1Password is now available in Early Access – so put on your explorer hats, help us track down those bugs, and let the feedback flow.🕵️‍♀️

Cyberattacks are alarming, and establishments must increase protections, embrace a layered attitude, and cultivate security-conscious users to combat growing concerns. Cybersecurity leaders are being inundated with talent development resources offered, encompassing hiring, recruitment, and retention of the talent pipeline. Fifty percent of hiring managers typically deem that their candidates aren’t highly qualified.

On Thursday, May 12, 2022, Zyxel released a patch advisory for an unauthenticated remote code execution (RCE) vulnerability in their line of Firewall products tracked as CVE-2022-30525. The exploitation of this vulnerability can allow a threat actor to modify specific files and execute code remotely on a vulnerable appliance. Proof of Concept (PoC) exploit code for this vulnerability has been made publicly available via multiple sources.

If you are an application developer or security analyst, you likely spend a lot of time thinking about your customers’ security. IT operations teams have found many ways to help secure login portals by implementing dual authentication and Single-Sign-On (SSO) portals. Many IT organizations have learned to use SSO and Two Factor Authentication (2FA) to help secure their codebase and employee data. This method is great, assuming that all users are compliant with 2FA.

To stay ahead of malicious attacks, developers and security teams must have a way to identify, prioritize, fix, and monitor vulnerabilities, a process known as vulnerability remediation. When it comes to detection, organizations can use a variety of application security testing (AST) tools to identify vulnerabilities in software applications and other systems.

We are thrilled to announce that Arctic Wolf has made the 2022 CNBC Disruptor 50 list, the company’s tenth annual ranking of the most game-changing private companies using technology to advance their industry. This list identifies fast-growing, innovative start-ups and Arctic Wolf is recognized for its revolutionary role in bringing security operations to organizations of all sizes, leading the few cybersecurity companies included on this year’s list.

Ransomware continues to be a prevalent threat to almost every modern industry after a sudden renaissance at the beginning of the COVID-19 pandemic as threat actors sought to capitalize on overwhelmed organizations and their suddenly vulnerable employees. It poses a particular danger to companies that hold sensitive data and house valuable assets, or those that could impact countless other industries and organizations should their critical operations be taken offline.