Google Rolling Out Security Update for Google Drive
With this update, the search advertising giant is adding a resource key to sharing links, which will impact access to the files for those users who haven’t yet viewed the files. “Once the update has been applied to a file, users who haven’t viewed the file before will have to use a URL containing the…
Google Intros SLSA Framework to Enforce Supply Chain Integrity
The U.S. tech giant this week unveiled SLSA (Supply chain Levels for Software Artifacts), a new end-to-end framework the company hopes will drive the enforcement of standards and guidelines to ensuring the integrity of software artifacts throughout the software supply chain. The framework, released as part of the OpenSSF Foundation, is essentially a set of…
Google Workspace Gets Client-Side Encryption
Google’s collaboration and productivity solution was already encrypting data, both when at rest and in transit, but the new feature is meant to provide additional control and ease of mind over the security of data. In addition to increasing the confidentiality of data, the feature also helps customers meet sovereignty and compliance requirements, as it…
New Google Tool Helps Developers Visualize Dependencies of Open Source Projects
In an effort to help developers gain a better perspective into the packages their open-source projects rely on, Google has introduced Open Source Insights, an exploratory visualization site that offers a view of dependencies, in an organized and accessible way. One of the main issues that Open Source Insights aims to address is related to…
Facebook Adapts Defenses as Deception Campaigns Go Stealth
The number of coordinated inauthentic behavior (CIB) campaigns derailed at the leading social network ramped up each year since a Russia-linked operation to sway the outcome of the 2016 US presidential election put Facebook on the defensive. While those behind influence operations (IO) went unchecked on the playing field in 2016, Facebook has invested in…
UK-Based API Security Firm 42Crunch Raises $17 Million
42Crunch provides an application programming interface (API) ‘micro firewall’. APIs are a serious and growing threat vector. In 2019, Gartner stated, “By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.” Its proposed solution was, “Use a Combination of API Management and Web…
Google: Four Recently Patched Android Vulnerabilities Exploited in Attacks
Rolling out to users since early May, the latest Android security update patches over 40 flaws, including four with a severity rating of critical. This week, Google Project Zero researcher Maddie Stone pointed out on Twitter that the security bulletin has been updated with a note on some bugs being exploited in the wild. A…
Agility Broke AppSec. Now It’s Going to Fix It.
In today’s high-tech industries, security is struggling to keep up with rapidly changing production systems and the chaos that agile development introduces into workflows. Application security (AppSec) teams are fighting an uphill battle to gain visibility and control over their environments. Rather than invest their time in critical activities, teams are overwhelmed by gaps in…
Android App Developers Required by Google to Share More Info on Data Handling
Planned as a safety section in Google Play, the change is expected to “help people understand the data an app collects or shares, if that data is secured, and additional details that impact privacy and security.” Google is already asking developers to say whether their application is collecting user data, but the new requirement will…
DevSecOps Company Sysdig Raises $188 Million at $1.19 Billion Valuation
The latest funding round, which brings the total raised by the company to $394 million, was led by Premji Invest & Associates and Third Point Ventures, with participation from Accel, Bain Capital Ventures, DFJ Growth, Glynn Capital, Goldman Sachs, Insight Partners, and Next47. The money will be used by the company to improve its products,…
