Built on a client-server model architecture and in use for roughly five decades, FTP allows for the easy transfer of files and folders between computers. However, because data is transmitted unencrypted, the protocol has long been considered insecure. Secure variants do exist, including one that leverages SSL/TLS (FTPS), or the SSH File Transfer Protocol (SFTP)….

According to Atlassian, security researcher Harrison Neal discovered that Jira Data Center — including Software Data Center and Core Data Center — and Jira Service Management Data Center software development products are affected by a critical flaw related to missing authentication for the Ehcache RMI network service. An attacker who can connect to this service…

The search advertising giant released a Chrome security refresh overnight with a warning that malicious hackers are actively exploiting a critical type confusion vulnerability to launch malware attacks. “Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild,” the company said in a cryptic line added to its advisory. The vulnerability…

The open-source browser refresh is currently rolling out with support for Fetch Metadata Request Headers, which means that web applications can better protect users against cross-site request forgery (CSRF), cross-site leaks (XS-Leaks), and speculative cross-site execution side channel attacks (such as Spectre). With the newly introduced feature, web application servers can distinguish between same-origin and…

Sevco Security, based in Austin, Texas, has raised $15 million in Series A funding led by SYN Ventures. The company said .406 Ventures, Accomplice, Bill Wood Ventures and fama Ventures also joined as investors. In a statement, Sevco Security said its platform delivers two values to customers: continuous converged visibility of all assets across siloed…

Founded in 2020, the Silicon Valley-based enterprise API security startup aims to help organizations secure both managed and unmanaged APIs. The startup says it has seen fast growth since emerging from stealth in December 2020. Over the past six months, the company has attracted 40 channel, reseller, and technology partners, while also adding hundreds of…

Google’s collaboration and productivity solution was already encrypting data, both when at rest and in transit, but the new feature is meant to provide additional control and ease of mind over the security of data. In addition to increasing the confidentiality of data, the feature also helps customers meet sovereignty and compliance requirements, as it…