Concerning the latest data breaches on record, this past May was rather noteworthy. A host of organizations from around the world announced in fact, that they had experienced a data breach. From online retailers, travel booking sites, and high-tech startups, to social sharing sites, healthcare billing firms, and even title insurance companies, the long list
We just passed the one-year anniversary of Equifax’s announcement of their massive data breach due to an exploit of an Apache Struts vulnerability (CVE-2017-5638) – and incidentally, at nearly the same time that Apache announced another critical Apache Struts security flaw (). The latest Apache Struts vulnerability, CVE-2018-11776, was published in NVD on August 22,
The newly named Peekaboo vulnerability is a zero-day flaw in China-based Nuuo’s video recorder technology.The flaw in NVRMini2, a network-attached storage device, has remained unfixed in the three months since the vendor was alerted. This vulnerability put internet-connected CCTV cameras at risk, a grave concern for organizations using the service to view and manage
On Tuesday, security researcher Brian Krebs announced an issue with a service offered by Government Payment Service Inc. called GovPayNow. This service is used by U.S. state and local governments across 35 states, and it looks like it exposed 14 million customer records online. Whose records did they have, and what records were exposed? Government
Today, in an effort to better understand the evolving nature of software delivery and the role security plays, we released a new report, “Managing Software Exposure: Time to Fully Embed Security into Your Application Lifecycle,”which we commissioned with FreeForm Dynamics in coordination with The Register. The report aggregates input from 183 respondents worldwide, the majority
Software is at the backbone of the digital transformation We live in a world of massive digital transformation. The technical backbone of this transformation is software. Software can be found everywhere. It is in our homes, in our phones, and in our businesses. Over 80% of the code in today’s software applications is open source.
Security has been getting a bad rap. For far too long the perceived “inhibitors” have been sidestepped by DevOps in an effort to increase productivity. As Ryan Davidsen, vp, worldwide security solutions, Secureworks, noted, “Traditional approaches for integrating security oversight with application development aren’t keeping pace with the speed required by today’s DevOps teams.” But