Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Extended detection and response (XDR) solutions deliver powerful capabilities to help security teams fight adversaries by increasing visibility, simplifying operations and accelerating identification and remediation across the security stack. XDR platforms gather and aggregate security data from a variety of sources to help detect and contain advanced attacks. But when it comes to efficiently analyzing threat data and quickly identifying the root cause of an incident, not all XDR solutions are alike.

The UK’s Foreign Commonwealth and Development office (FCDO) was the target of a “serious cyber security incident”, it has emerged. The BBC understands unidentified hackers got inside the FCDO systems but were detected. This is just the latest in a spate of attacks on government departments in what seems to be an attempt to gain access to sensitive information.

As healthcare organizations digitally transform themselves to better serve a post-pandemic world, the prevailing goal in the past year has been for them to safely extend health services beyond clinical walls. Be it to power everything from pop-up clinics to telemedicine, this is driving the healthcare technology stack out to the edge.

One of the most exciting things about working at Teleport is getting to see how our infrastructure access solutions enable customers to grow their business. Since software has eaten the world, solutions like Teleport that enable developers to become more productive are essential to fast- growing companies. You simply can’t create a hyper growth business today without a strong software development muscle.

Many businesses are starting to investigate proactive vs reactive cybersecurity methods. Reactive cybersecurity strategies have been effective in the past when dealing with incidents and remain relatively effective where known threats are concerned. The problem is that cyber criminals are now aware that businesses are already prepared for known threats and are actively improving and evolving their cyber-attack methods to evade detection.

In this blog, we outline what vishing is, the key signs of an attack to look out for and how to defend your organisation.

There are tens of thousands of clandestine pages and forums on the dark web that are not indexed by search engines, so they remain hidden unless the user knows the address in advance. This includes discussion forums where techniques or tools are shared with which cyberattacks can then be launched, but these sites also serve as a black market for buying and selling illicitly obtained data.

As organizations deploy more and more cloud native workloads, the ability to protect them in a secure and cost-effective manner is becoming increasingly important. Data access is also more widely spread, making it even more critical to meet this protection need with a secure, logically air-gapped copy of that data.

Gary Pelczar, Devo’s vice president of global alliances, has been named a 2022 Channel Chief by CRN. Gary and his team launched Devo Drive, the company’s partner program for resellers, MSSPs and global systems integrators in 2021. In this post Gary shares his thoughts about the growth of Devo Drive, the value Devo delivers to partners, and what lies ahead.

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Most recently we disclosed 25 malicious packages in the npm repository that were picked up by our automated scanning tools.