Rethinking cybersecurity becomes imperative as devices and apps move away from physical offices

69.1% of professionals with security responsibility believe a rethink is needed to deal with the threat of cybersecurity now that devices and applications have moved outside the corporate network, a SentryBay survey reveals. The poll aimed to assess at…

Half of all helpdesk tickets relate to UC&C issues

93% of enterprise-level organizations have increased their use of unified communications and collaboration (UC&C) platforms since the onset of the COVID-19 pandemic, NETSCOUT research reveals. However, the additional usage and increased performa…

The Log4j saga: New vulnerabilities and attack vectors discovered

The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j v2.15.0. There’s CVE-2021-45046, a DoS/RCE flaw that was fixed in v2.16.0, t…

How likely are employees to fall prey to a phishing attack?

22% of employees are likely to expose their organization to the risk of cyber attack via a successful phishing attempt, a Phished report reveals. Analysis of the broad and diverse data set reveals how vulnerable the average employee is to phishing atta…

Shifting security further left: DevSecOps becoming SecDevOps

Veracode has revealed usage data that demonstrates cybersecurity is becoming more automated and componentized in line with modern software architectures and development practices. The analysis of 5,446,170 static scans and more than 310,000 apps over a…

GoTestWAF: Open-source project for evaluating web application security solutions

GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, etc. It was designed to evaluate web application security solutions, such as API security proxi…

The cybersecurity executive order is not all it’s cracked up to be

Seventy-two percent of federal cybersecurity leaders say the White House’s May 2021 Cybersecurity Executive Order (EO) addresses only a fraction of today’s cybersecurity challenges, according to a study from MeriTalk. The study – which surveyed 150 fed…

Not all domain registrars are created equal: Consumer-grade vs. enterprise-class

SecurityScorecard and CSC released comprehensive research detailing the impacts of an organization’s choice in domain registrar on their overall security ratings. The research shows that companies that select enterprise-class registrars (ECR) for domai…

New infosec products of the week: December 17, 2021

Here’s a look at the most interesting products from the past week, featuring releases from AwareGO, MetricStream, MobileSphere, Nerdio, Ping Identity, Pondurance, Syxsense, and Tufin. AwareGO Human Risk Assessment for Enterprise measures employees’ cyb…

Immudb: Open-source database, built on a zero trust model

Now, with full transactional support for everyday business applications, the open source immudb tamper-proof database can serve as the main transactional database for enterprises. Version 1.2 has the ability to roll back changes and have data expire. “T…