Threat actors have been using GitHub’s repojacking flaw to hijack and inject thousands of repositories with malicious code. Since this flaw has yet to be fixed, GitHub users will likely see more of these attacks soon. Luckily, there are ways to prevent cyberc...
With the rise of collaborative software development environments, it’s more important than ever to ensure that code quality and security are top priorities. After all, when multiple developers are working on a project, one bad actor can easily ruin things for...
Implementing a comprehensive security framework requires a strategy that brings security to the front of every stage of the development process — and zero trust is the answer. Here’s how it’s done … The Ponemon Institute recently collaborated with IBM in thei...
For the first time in the survey’s history, respondents to the Allianz Risk Barometer cited cyber incidents as their number one concern for 2022. This worry isn’t surprising, considering cybercriminals are getting bolder in their exploits. Lately, n...
Researchers recently announced the presence of a gaping security hole in Spring, a framework widely used by organizations developing Java applications. Designated CVE 2022 2965 and nicknamed SpringShell, the substantial chink in the collective Java ...
Organizations are now scanning for security vulnerabilities 20 times faster than just a few years ago. The increase in scanning activity is driven by several factors, including the growing use of automated scanning tools, the proliferation of cloud-based infr...
On March 31, 2022, the PCI Security Standards Council (PCI SSC) released the latest version of the PCI Data Security Standard (PCI DSS), outlining technical and operational requirements for establishing security measures around payment security. It replaced a...
On March 31, 2022, the PCI Security Standards Council (PCI SSC) released the latest version of the PCI Data Security Standard (PCI DSS), outlining technical and operations requirements for establishing security measures around payment security. It replaced a ...
Unless you’ve been living under a rock, you’ve heard that cybercrime threatens small- to large-sized organizations across the globe. And not only are public sector organizations not immune, they’re a top target for hackers due to the volume of their proprieta...
Since Russia invaded Ukraine, a new threat vector has circulated in the open-source community. This threat vector, known as protestware, involves activists injecting malicious content into open-source code libraries to express political opinions. While most p...
No matter the project, no matter the industry, having secure, quality code is a critical factor to an organization’s success. If the code quality is lacking, or if there are significant vulnerabilities, a business risks financial losses and resource drain. IT...