'

Microsoft Patch Tuesday, November 2023 Edition

Microsoft Patch Tuesday, November 2023 Edition

Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three “zero day” vulnerabilities that Microsoft warns are already being exploited in active attacks. The zero-day threats targeting Microsoft this month include CVE-2023-36025, a weakness that allows malicious content to bypass the Windows SmartScreen … Read more

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet implant written in Python. “Once a valid endpoint is discovered, it’s trivial to pull a malicious image and launch a container from it to carry out any conceivable … Read more

Code-to-cloud: Achieving complete cloud security

Code-to-cloud: Achieving complete cloud security

In the last decade, the technology industry experienced a massive shift toward the cloud where every company no matter the industry developed and deployed cloud-native applications. This pace shows no sign of stopping; we have an app economy – now bolstered by AI-led developments. Data reflects this momentum, with worldwide public cloud spending expected to … Read more

New Synopsys Research Reveals a Decrease in Software Vulnerabilities

New Synopsys Research Reveals a Decrease in Software Vulnerabilities

Today, Synopsys has released its 2023 Software Vulnerability Snapshot report, showcasing a notable decline in vulnerabilities within target applications. The Synopsys Cybersecurity Research Center (CyRC) analysed the data, revealing a decrease from 97% in 2020 to 83% in 2022. This positive trend suggests that practices such as code reviews, automated testing, and continuous integration are … Read more

Centripetal Launches Global Partner Program

Centripetal Launches Global Partner Program

Today, threat intelligence powered cybersecurity pros Centripetal have  launched their partner program to protect organisations around the world by operationalising threat intelligence to safeguard them from every known cyberthreat.  The Centripetal Global Partner Program gives organisations the opportunity to implement a stronger approach to cybersecurity, putting operationalised threat intelligence at the forefront, moving from a … Read more

Streaming and longer context lengths for LLMs on Workers AI

Streaming and longer context lengths for LLMs on Workers AI

Workers AI is our serverless GPU-powered inference platform running on top of Cloudflare’s global network. It provides a growing catalog of off-the-shelf models that run seamlessly with Workers and enable developers to build powerful and scalable AI applications in minutes. We’ve already seen developers doing amazing things with Workers AI, and we can’t wait to … Read more

As perimeter defenses fall, the identify-first approach steps into the breach

As perimeter defenses fall, the identify-first approach steps into the breach

By nearly all accounts, security leaders are increasingly shifting their focus from perimeter defenses such as the long-relied-upon firewall in favor of embracing a zero-trust approach. That, in turn, has put the need for strong identity programs front and center, and more specifically has boosted the identity-first strategy into the mainstream. Research confirms as much. … Read more

ACSC and CISA launch step-by-step business continuity instructions for SMBs

ACSC and CISA launch step-by-step business continuity instructions for SMBs

Business Continuity in a Box, a set of instructions to help organizations to maintain or re-establish basic operations during or after a cyber incident, has been published by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the US Cybersecurity and Infrastructure Security Agency (CISA). Its aim is to assist businesses to establish … Read more