SecurityWeek will host its 2022 Attack Surface Management Summit, Presented by Randori, as a fully immersive virtual event today. With the pandemic-induced digital transformation underway, security teams are turning to Attack Surface Management (ASM) tools to continuously discover, inventory, classify, prioritize, and monitor digital assets for signs of weaknesses. In this special virtual summit and…

The nonprofit cybersecurity organization is scanning the web for exposed services that use the Modbus industrial communications protocol on TCP port 502, but Shadowserver’s Piotr Kijewski told SecurityWeek that they plan on introducing many other ICS and operational technology (OT) protocol scans in the near future. Shadowserver has been working with national cybersecurity agencies, law…

Phosphorus was founded in 2017 by Chris Rouland (CEO), Earle Ady (CTO), and Rebecca Rouland (CFO). Chris Rouland is no newcomer to start-ups, having previously founded Bastille and Endgame. He also stood up the X-Force division at IBM where he was CTO and Distinguished Engineer. Phosphorus was born from an epiphany. In 2016 Rouland read…

Open source software is ubiquitous. It has become an unequaled driver of technological innovation because organizations that use it don’t have to reinvent the wheel for common software components. However, the ubiquity of open source software also presents a significant security risk, as it opens the door for vulnerabilities to be introduced (intentionally or inadvertently)…

In its fifth acquisition in 18 months, Snyk entered the cloud security sector via its announced acquisition today of cloud security and compliance firm Fugue. Snyk ultimately plans to fold Fugue’s cloud security posture and policy management technology into its Snyk Developer Security Platform. In the meantime, it will begin integrating Fugue’s technologies for DevSecOps,…

Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology, Antigena, successfully took action to stop a cyber-attack exploiting a GitLab vulnerability for the purposes of running crypto-mining malware at a major Italian electronics distributor. The GitLab vulnerability, which has been well reported, allows attackers to run arbitrary commands, including…

The Addison, TX-based company offers a SaaS-based, multi-tenant security analytics, operations and response platform that provides visibility and advanced detection and response. According to Securonix, the massive funding will allow it to make significant investments in talent acquisition across engineering, cloud operations, threats labs, and sales and marketing. “We solve a very tough problem that…

One of these is CVE-2022-24086, a critical-severity (CVSS score 9.8) vulnerability in Adobe Commerce and Magento. Described as an improper input validation bug, the security hole can be exploited to achieve remote code execution, without authentication. On Sunday, Adobe released an emergency advisory to warn that it had observed very limited attacks targeting CVE-2022-24086. The…