Optimizing the patch management process

In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. Security obviously will have some say in a patch management process because …

Anomali discovers phishing campaign targeting Chinese government agencies

Anomali, a leader in intelligence-driven cybersecurity solutions, published at Black Hat USA 2019 its latest research report: Suspected BITTER APT Continues Targeting Government of China and Chinese Organizations. The Anomali Threat Research Team disco…

Black Hat 2019 Recap: Transformation & the New Cybersecurity Culture

As the security industry finally leaves Las Vegas after a full week of Black Hat, Defcon, and Bsides, we wanted to set aside some time to take stock and think about all the trainings, presentations, research, and conversations during our week in the de…

Kubernetes security matures: Inside the project’s first audit

Auditing 1.5 million lines of code is a heroic undertaking. With resources provided by the Cloud Native Computing Foundation (CNCF), the Kubernetes Project leadership created the Security Audit Working Group to perform an audit in an open, transparent,…

Apple expands bug bounty program, opens it to all researchers, raises rewards

Three years ago at the Black Hat conference, Apple announced its first bug bounty program, which was invite-only and limited to iOS. At this year’s edition of the con, Ivan Krstić, Apple’s head of security engineering and architecture, announced …

Vulnerabilities in Siemens’ most secure industrial PLCs can lead to industrial havoc

Critical vulnerabilities in the Siemens S7 Simatic programmable logic controller (PLC) have been discovered by cybersecurity researchers at Tel Aviv University and the Technion Institute of Technology. Prof. Avishai Wool and M.Sc student Uriel Malin of…

Security flaw could turn load balancers into beachheads for cyber attacks

Cyber security provider F-Secure is advising organizations using F5 Networks’ BIG-IP load balancer, which is popular amongst governments, banks, and other large corporations, to address security issues in some common configurations of the product. Adve…

Six critical areas to focus on when integrating DevSecOps into an organization

The omnipresence of consumer electronics and computer power, alongside modern trends (i.e., DevOps, microservices, and open source) that accelerate deployment cycles continue to strain enterprises’ ability to detect and identify exploitable flaws in a …

SentinelOne enhances container and cloud-native workload protection

SentinelOne, the autonomous endpoint protection company, announced at Black Hat USA 2019 the availability of the next generation of its server and workload protection offering. The new product, purpose-built for containers, including managed or unmanag…

ID Experts launches new free CyberScan dark web and social media scanning product

ID Experts announced public availability of its new free CyberScan dark web and social media scanning product. Unlike other free dark web offerings, CyberScan not only perpetually scans all levels of the dark web – surface, dark and deep – for the user…