Day: November 1, 2023
-
Malicious package campaign on NuGet abuses MSBuild integrations
Attackers are constantly coming up with new ways to deploy rogue packages on public registries for different programming languages with the goal of executing malware code when those packages are imported and used in projects. The latest example is an attack campaign recently detected on NuGet Gallery, the repository for .NET packages, in which attackers…
-
Cloudflare incident on October 30, 2023
Multiple Cloudflare services were unavailable for 37 minutes on October 30, 2023. This was due to the misconfiguration of a deployment tool used by Workers KV. This was a frustrating incident, made more difficult by Cloudflare’s reliance on our own suite of products. We are deeply sorry for the impact it had on customers. What…
-
Introducing notifications for HTTP Traffic Anomalies
When it comes to managing Internet properties, the difference between a small technical hiccup and major incident is often a matter of speed. Proactive alerting plays a crucial role, which is why we were excited when we released HTTP Error Rate notifications — giving administrators visibility into when end users are experiencing errors. But what…
-
Searchlight Cyber partners with the Innocent Lives Foundation to catch child predators
Dark web intelligence company Searchlight Cyber has announced a partnership with the Innocent Lives Foundation (ILF) to assist in the non-profit organization’s efforts to catch, identify, and bring to justice anonymous child predators. The ILF is using Searchlight’s dark web investigation solution Cerberus to gather intelligence and build cases against offenders operating on the dark…
-
BackSlash’s new ASPM combines existing AppSec with context-based risk prioritization
Application code security provider BackSlash has announced a new application security posture management (ASPM) platform to combine its existing application security (AppSec) capabilities with a few new ones. The new platform will pack BackSlash’s existing AppSec solutions including software component analysis (SCA), static application security testing (SAST), software bill of materials (SBOM), vulnerability exploitability exchange…
-
28 countries reach landmark agreement on “safe and responsible” AI development
A collection of almost 30 countries that includes the US and China, along with the European Union (EU), have reached a world-first agreement at Bletchley Park establishing a shared understanding of the opportunities and risks posed by frontier AI. The agreement also recognizes the need for governments to work together to meet the most significant…
-
Keeper Security Begins Relationship with Ingram Micro to Expand Access to Keeper’s Cybersecurity Solutions
Today, Keeper Security has announced its new relationship with Ingram Micro, Inc. to distribute its products to value-added resellers and technology solutions providers in the United Kingdom, Germany, Belgium, Netherlands and Luxembourg. The relationship with Ingram Micro, a global leader in technology and supply chain services, will expand Keeper’s footprint and help raise the collective…
-
7 best practices for enterprise attack surface management
More cloud computing solutions, remote and work-from-home systems and internet-connected devices increase risk from an expanded attack surface. As surveys predict the enterprise attack surface will continue to increase, the best way to reduce the number of vulnerabilities is to establish a proper enterprise attack surface management program. Several IT assets accessing corporate networks services…
-
From classroom to cyberfront: Unlocking the potential of the next generation of cyber defenders
In a world where the digital frontier is expanding and cyberattacks are becoming more sophisticated with speed and scale, the guardians of our virtual realms have never been in greater demand.1 It’s important to leverage this year’s Cybersecurity Awareness Month to celebrate the people who keep us safe and to raise visibility on the need…