%term

Four Reasons Vulnerabilities Remain Persistent

Feb 8, 2023 By Arctic Wolf In Arctic Wolf

Vulnerabilities cause the majority of cybercrime. There are always new vulnerabilities appearing as software gets updated and as cyber criminals work behind the scenes to find new backdoors to organizations’ systems. In the first half of 2022 alone, 81% of incidents happened through an external exposure — either a known vulnerability or a remote desktop protocol. The sheer volume of vulnerabilities grew again in 2022, with over 25,000 recorded, and over 800 have been actively exploited.

Read Post

Arctic Wolf

Read more about Four Reasons Vulnerabilities Remain Persistent

Snyk and Atlassian deepen partnership with Snyk security in Jira Software

Feb 8, 2023 By Sarah Conway In Snyk

Our long-standing partnership with Atlassian is built on our mutual commitment to providing a great developer experience. It started with our native integration within the Bitbucket Cloud UI, and today we’re incredibly excited to announce yet another new door opening in our partnership. The new Snyk integration for Jira Software will bring security and collaboration to Atlassian users at every stage of the development lifecycle.

Read Post

Snyk

Read more about Snyk and Atlassian deepen partnership with Snyk security in Jira Software

Explanation of Zero-Day in 3 seconds!

Feb 8, 2023 By Indusface In Indusface

In this session, John Goecke (CEO) discusses with Venky how everything changed for StratusVue after a ransomware attack in 2018. He shares how the construction industry is a soft target as there is no regulatory oversight, unlike in banking and healthcare, and security is always an afterthought for business owners. Along with all this, he explains complex terms like zero-day, zero-trust, FedRAMP, etc., in a highly rudimentary way.

View Video

Indusface

Read more about Explanation of Zero-Day in 3 seconds!

Snyk Integrations 101

Feb 7, 2023 By Snyk In Snyk

Do you want to learn about key initial integrations when getting started with Snyk? Watch this recording where Shawn Miller and Jim Jones cover Integrations 101.

View Video

Snyk

Read more about Snyk Integrations 101

How YellowAI Uses AWS & Snyk: Securing Cloud & Apps Using a Developer-First Approach

Feb 7, 2023 By Snyk In Snyk

Citu Singh of CNBC-TV18 asks technology business leaders to share their philosophy on developing applications quickly and safely. Apoorva Gaurav, VP of Engineering from YellowAI, talks about how his team uses Snyk, while Shaun McLagan, VP of Snyk APJ, shares the benefits of a developer-first approach to security.

View Video

Snyk

Read more about How YellowAI Uses AWS & Snyk: Securing Cloud & Apps Using a Developer-First Approach

Actively Exploited GoAnywhere MFT Zero-Day Vulnerability

Feb 7, 2023 By James Liolios In Arctic Wolf

On February 3, 2023, the developers of GoAnywhere MFT (Managed File Transfer) sent an advisory to their customers warning them of a zero-day remote code execution vulnerability being actively exploited in the wild. Exploitation of this vulnerability could allow sensitive data to be leaked and potentially used for extortion.

Read Post

Arctic Wolf

Read more about Actively Exploited GoAnywhere MFT Zero-Day Vulnerability

Evolving the Snyk CLI through an extensible approach

Feb 7, 2023 By Steve Winton In Snyk

Every day, thousands of developers use the Snyk CLI as part of their development workflow, to identify and resolve security issues in their code as early as possible. What if these developers and other security professionals could harness the power of this dev-first approach and also utilize entirely new security analyses, filters, and workflows via an extensible approach?

Read Post

Snyk

Read more about Evolving the Snyk CLI through an extensible approach

Money Lover App Vulnerability Exposes Personal Info

Feb 7, 2023 By Trustwave In Trustwave

An information disclosure vulnerability has been identified in Money Lover, a finance tracking application created by Finsify and available on Android, iOS, Microsoft Store, with a web interface. This vulnerability allows any authenticated user to view live transactions related to shared wallets.

Read Post

Trustwave

Read more about Money Lover App Vulnerability Exposes Personal Info

The 443 Episode 228 - What is CVSS?

Feb 7, 2023 By WatchGuard In WatchGuard

This week on the podcast we cover the Common Vulnerability Scoring System (CVSS) including how it works and some of its limitations. Before that though, we discuss a recent survey on the risks of ChatGPT's usage in cyberattacks and the latest activity from Lazarus, the North Korean government hacking operation. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

View Video

WatchGuard

Read more about The 443 Episode 228 - What is CVSS?

Automate Cloud compliance with Snyk Cloud

Feb 7, 2023 By Lauren Place In Snyk

Audits are challenging. Especially when it comes to assessing abstract compliance standards against multiple cloud environments, unique cloud infrastructure setups, and many possible (mis)configurations. To help our customers automate compliance assessments, Snyk Cloud now supports 10+ compliance standards— including CIS Benchmarks for AWS, Azure, and Google Cloud, SOC 2, PCI DSS, ISO 27001, HIPAA, and more.

Read Post