Month: February 2022

Malware & Threats

Issued by: Security Week

Available as a Ransomware-as-a-Service (RaaS), BlackByte has been used in attacks against US and foreign businesses, including in critical infrastructure sectors such as government, financial, and food and agriculture, the FBI and USSS warn. BlackByte operators recently claimed to have obtained financial data from the San Francisco 49ers as a result of an attack that…

Vulnerabilities

Issued by: Security Week

QNAP typically provides security updates for four years after a product has reached EOL status. The reason for that, the company says, is that some models may be technologically deprecated and may lack performance capabilities and operational memory, meaning that they may not receive updated drivers. However, due to evolving security threats targeting QNAP models,…

Network Security

Issued by: CIO Security

For many Chief Information Security Officers (CISOs), reporting to the board of directors has been handled as a reactionary, albeit very necessary task. After all, it’s the board of directors that sit atop the corporate governance model, so it is incumbent upon security professionals to keep them informed. But communicating about security incidents—like the Log4j…

Network Security

Issued by: CIO Security

Software-defined WAN, better known today as SD-WAN, is not the same technology that it was when it first got started. In the beginning, SD-WAN was essentially a way to enable organizations to use inexpensive broadband connectivity to connect back to the data center. It was a lower-cost alternative to other fixed-connectivity WAN options, most notably multiprotocol…

Application Security

Issued by: Dark Reading

Software intelligence company Dynatrace (NYSE: DT) today announced the launch of its DevSecOps Automation Partner Program. This enables alliance and solution partners to extend the capabilities of their DevSecOps offerings through seamless integrations with the Dynatrace® platform. The program also provides DevSecOps teams with easy access to more than a dozen leading solutions, including Bitbucket,…

Cloud Security

Issued by: Dark Reading

Software intelligence company Dynatrace (NYSE: DT) announced today that it has enhanced its Application Security Module to provide real-time, automatic attack detection and blocking to protect against injection attacks that exploit critical vulnerabilities, such as Log4Shell. This builds on existing capabilities, which include automatic detection of runtime vulnerabilities in cloud-native applications and container workloads. As…

Malware & Threats

Issued by: Dark Reading

You might have the luxury of time when planning for a vacation, but cybersecurity teams do not have the time to hunt in the wrong haystack when responding to security incidents. Every second matters in the wake of an intrusion detection, as threat actors move quickly from the first breach point to various other points…

Vulnerabilities

Issued by: Dark Reading

Recent high-profile cybersecurity incidents such as the SolarWinds attack and the Apache Log4j vulnerability have exposed the threats associated with the software supply chain. These can range from fairly simple exploits of known vulnerabilities to very sophisticated attacks, sponsored by nation-state actors. The annual spending on enterprise software — also known as commercial off-the-shelf or…