Meet Devo SciSec
Devo CSO Gunter Ollmann explains the mission and vision of Devo SciSec.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Three Ransomware Myths
With the increased use of personal unmanaged devices organizations are exposed to new risks, especially ransomware attacks. In fact, over 35% of organizations never get their data back after an attack.
Take a Look Into the Rubrik Platform
Rubrik offers Zero Trust Data Security solutions to our customers globally so they can prepare for cyber threats like ransomware. As cybersecurity attacks continue to grow in volume and sophistication, solutions like Rubrik are vital for business continuity so that you can know when you are attacked, what data was impacted, quarantine the attack, and recover a clean copy of your data from an immutable backup.
SciSec Team Applies Creativity, Curiosity and Innovation to Help Security Teams Work Smarter and Protect Organizations from Threats
Today Devo announced Devo SciSec, which brings together a talented team of threat research, advanced data science, and machine learning experts under the leadership of CTO Gunter Ollmann to help our customers preemptively detect and mitigate entire classes of threats. See and hear what Gunter has to say about SciSec in this video. Even before their formal introduction, the SciSec team has been busy delivering value-added capabilities to Devo customers.
Zero Trust goes beyond standard security
Zero Trust is a modern, strategic approach to cybersecurity that secures organizations by eliminating implicit trust and continuously validating all interactions and experiences. Zero Trust moves cyber defenses from static, network-based perimeters to focus on users, assets, applications and resources without any implicit trust to enhance posture and reduce risk. At its core, Zero Trust is a perimeterless security approach.
Software Supply Chain Security for Open Source Projects
Attacks on the open-source value chain (OS supply chain) are becoming more sophisticated, and we, as software developers, are becoming the focus of these attacks. So what are the essential first steps, and what should you focus on? This raises the question of suitable methods and tools. At the same time, the company's strategic orientation must be considered in this security strategy. In the recent past, we have also learned that attacks are increasingly targeting individual infrastructure elements of software development, such as the classic CI/CD pipeline.
Code to cloud and back to code!
Developer-focused security from code to cloud, and back to code. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
OverWatch Casts a Wide Net for Follina: Hunting Beyond the Proof of Concept
CVE-2022-30190, aka Follina, was published by @nao_sec on Twitter on May 27, 2022 — the start of Memorial Day weekend in the U.S. — highlighting once again the need for round-the-clock cybersecurity coverage. Threat hunting in particular is critical in these instances, as it provides organizations with the surge support needed to combat adversaries and thwart their objectives.
CrowdStrike Uncovers New MacOS Browser Hijacking Campaign
The CrowdStrike Content Research team recently analyzed a MacOS targeted browser hijacking campaign that modifies the user’s browsing experience to deliver ads. Research began with a variant that uses a combination of known techniques to deliver, persist and sideload a Chrome extension. Analysis of the fake Chrome installer uncovered the use of more than 40 unique dropper files to install the extension.
Killnet: Analysis of Attacks from a Prominent Pro-Russian Hacktivist Group
In our new threat briefing report, Forescout’s Vedere Labs leverages a list of IP addresses known to be used by Killnet hacktivists during past attacks to study their TTPs when attacking a series of honeypots we control.