Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do. On Sept. 7, researchers at Citizen Lab warned they were … Read more

Malware distributor Storm-0324 facilitates ransomware access

Malware distributor Storm-0324 facilitates ransomware access

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool … Read more

Generative AI Adoption Surges in Software Development Despite Security Risks, Sonatype Research Finds

Generative AI Adoption Surges in Software Development Despite Security Risks, Sonatype Research Finds

New research from software supply chain management company Sonatype reveals how generative AI is influencing and impacting the work of software engineers and the software development life cycle. According to the 800 developer (DevOps) and application security (SecOps) leaders surveyed, virtually all (97%) are using the technology today, with three-quarters (74%) reporting they feel pressure … Read more

Salt Security Appoints New Senior Vice President, Corporate and Business Development

Today, Salt Security announced it has named Michael Porat Senior Vice President, Corporate and Business Development. Porat will direct alliances with the growing set of Salt technology partners as Salt infuses its rich API intelligence across the ecosystem. In addition, Porat will manage the Salt Security channel partner ecosystem, which continues to grow in breadth … Read more

Overconfident Organisations Prone to Cyber Breaches, Study Finds

Adarma, an independent leader in detection and response services, published a report titled “A False Sense of Cybersecurity: How Feeling Safe Can Sabotage Your Business.”  The report examines critical aspects of security operations like confidence levels, ‘tool sprawl’, the use of artificial intelligence and the productivity and well-being of security teams. Based on a survey* of … Read more

Don’t Leave Cybersecurity to Chance

In today’s digital age, where organisations heavily rely on technology and data, ensuring strong Cyber Security practices is paramount, and one often overlooked aspect, is the departure of staff members. The departure of an employee can introduce vulnerabilities and risks if not handled properly. Establishing a well-defined process for staff departures is crucial not only … Read more

Cisco Secure Application brings app and security teams together

Cisco Secure Application, previously known as Security Insights for Cloud Native Application Observability, is now available on the vendor’s Full-Stack Observability Platform, launched in June. Secure Application was designed to bring together applications and security teams across an organization to improve security of cloud-native or hybrid applications being built and deployed. Rushing products out leads … Read more

New Sentra tool to help classify sensitive enterprise data using LLMs

Classifying sensitive unstructured data like source codes or employee contracts will now be possible with the help of Sentra’s classification engine, which will now utilize large language models (LLM). Cloud data security provider, Sentra, has announced that LLMs are now built directly into its data security platform and classification engine to help enterprise customers reduce … Read more

Code Intelligence unveils new LLM-powered software security testing solution

Security testing firm Code Intelligence has announced the release of CI Spark, a new large language model (LLM) powered solution for software security testing. CI Spark makes use of LLMs to automatically identify attack surfaces and to suggest test code, leveraging generative AI’s code analysis and generation capabilities to automate the generation of fuzz tests, … Read more

Almost One in Three Parents Have Never Spoken to Their Children About Cybersecurity

Today, Keeper Security have announced the release of the Keeper Security Parental Practices Report: Conversations on Cybersecurity, which explores parental attitudes, practices and concerns regarding cybersecurity discussions with their children and sheds light on this imperative topic for families. The report found that one in three (30%) of parents admitted that they have never spoken … Read more

Over Half of UK Population Supportive of UK Government and Allies Breaking International Cybersecurity Law

According to new research by International Cyber Expo, over half of the UK population (53%) would be supportive of the UK government and its allies breaking international cybersecurity law, and 45% have admitted they would be supportive of, or engage in online cybercriminal activity themselves, in the right circumstances. The survey was conducted on 1,000 … Read more