Open source vulnerabilities are on the rise, as are the number of malicious packages published in registries such as npm and rubygems. This is great news for threat actors, who are always quick to exploit new material. And as the importance of software supply chains increases, so have the number of attacks launched at...
Open source components play a huge part in the products, software, and applications that organizations create, by providing the core code for their output. It’s a trend that continues to grow, as the use of these components escalates. Consequently, the issues of open source licenses and compliance simply can’t be...
As a foundational element of the digital world, applications are increasingly targeted by threat actors. To adapt to the constantly evolving threat landscape of today’s digital world, IT and security leaders need to build a modern AppSec strategy designed to support demanding development cycles while also ensuring...
When WTW’s ICT business began to investigate Software Composition Analysis (SCA) tools in 2018, its challenges revolved around open-source licensing for its enterprise products designed for the insurance industry. “Copyleft” licenses represented an area of particular concern for WTW’s legal teams.
After...
Platform players such as Cisco and Palo Alto Networks and pure-play vendors such as Lookout and Versa Networks top the first-ever vendor evaluation of the SASE market. Versa edged out Palo Alto Networks in product leadership, and Cisco was a distant third, the KuppingerCole Leadership Compass found.
Technologists were quick to point out that popular AI-based chatbot, ChatGPT, could lower the bar for attackers in phishing campaigns and even write malware code, but Cato Networks' Etay Maor advises taking these predictions "with a grain of salt" and explores the pros and cons of ChatGPT.
The move to cloud email has allowed companies to streamline security investments and leverage the native Microsoft functionality provided by Exchange Online Protection (EOP) and Defender for Office 365 (MDO). But this approach isn’t perfect, and many companies have realized that they need an additional layer of...
The Royal ransomware group targeting critical infrastructure in the United States and other countries is made up of experienced ransomware attackers and has strong similarities to Conti, the infamous Russia-linked hacking group, according to a new alert issued by U.S. authorities.
Threat actors actively targeting multinational clients of data center outsourcers and help desk providers in China and Singapore are posting stolen credentials for sale on data leak sites, and cybersecurity firm Resecurity says these actions could be part of a nation-state cyberespionage campaign.
In the 21-month stretch from October 2020 to June 2022, a whopping 48 cybersecurity startups received 10-figure valuations as investors evaluated prospects on potential rather than performance. Now that the financial boom has gone bust, what happens to these unicorns from a different economic era?
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
Summa Equity bought a majority stake in Logpoint to help the security operations firm expand in areas such as automation, detection and response, and attack surface management. The sustainable growth fund says the acquisition will allow the company to acquire technologies in adjacent areas.
By 2026, at least 60% of I&O leaders will use digital experience monitoring to measure application, services and endpoint performance from the user’s viewpoint, according to Gartner’s Market Guide for Digital Experience Monitoring. As employees increasingly work from home and remote locations, the demand for...
As U.S. prosecutors continue to probe collapsed cryptocurrency exchange FTX, Nishad Singh, the former head of engineering, has pleaded guilty to multiple criminal charges and agreed to assist prosecutors with their case against founder Sam Bankman-Fried, accused of orchestrating billions in fraud.
According to Gartner, by 2026, 50% of organizations will prioritize advanced data security features for inspection of data at rest and in motion as a selection criterion for SSE, up from 15% in 2021.
Needless to say the shifting to the cloud and the hybrid working has moved private apps, users, and data outside...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.