Software Security Archives - Cyber Security Minute

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

Issued by: DataBreach Today

Pervasive discontent with legacy SIEM offerings and Cisco’s proposed acquisition of Splunk has driven “a significant and pronounced increase in interest” in CrowdStrike’s SIEM offering. The Austin, Texas-based cybersecurity titan’s SIEM tool hit the $100 million annual recurring revenue milestone in the most recent quarter thanks to LogScale’s search speed, data gravity and cost efficiency,…

Software Security

‘KandyKorn’ macOS Malware Lures Crypto Engineers

Issued by: Dark Reading

The infamous North Korean advanced persistent threat (APT) group Lazarus has developed a form of macOS malware called “KandyKorn,” which it is using to target blockchain engineers connected to cryptocurrency exchanges. According to a report from Elastic Security Labs, KandyKorn has a full-featured set of capabilities to detect, access, and steal any data from the…

Software Security

Microsoft pledges cybersecurity overhaul to protect products and services

Issued by: CSO Online

Microsoft launches the Secure Future Initiative to usher in “next generation” of cybersecurity to better protect customers against escalating cybersecurity threats. Microsoft has announced the launch of the Secure Future Initiative (SFI) to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. The new initiative will bring…

Software Security

Microsoft Adding New Security Features to Windows 11

Issued by: SecurityWeek

Windows 11 feature updates are released in the second half of each calendar year. The latest update, 23H2, is being gradually rolled out to users, with Microsoft expecting the new features to reach all devices by the release of the November 2023 security updates. However, customers with eligible devices running Windows 11 version 22H2 can…

Software Security

Qualys Announces First-Party Software Risk Management Solution

Issued by: Dark Reading

Qualys, Inc. (NASDAQ: QLYS), a provider of disruptive cloud-based IT, security and compliance solutions, today announced it is opening up its risk management platform to AppSec teams to bring their own detections to assess, prioritize and remediate the risk associated with first-party software and its embedded open source components. In the digital transformation era, every…

Software Security

Securing the software supply chain one step at a time

Issued by: CSO Online

The software supply chain is a vast, global landscape made up of a complicated web of interconnected software producers and consumers. As such, it comes with numerous risks and vulnerabilities that affect all software–including those from third parties and outside vendors. These risks include everything from code vulnerabilities and open-source code repositories to hijacked software…

Software Security

Exploit Code Published for Remote Root Flaw in VMware Logging Software

Issued by: SecurityWeek

In an update to a critical-level advisory originally released in April this year, VMware said it has confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches. The vulnerability, which carries a CVSS severity score of 9.8 out of 10, allows an unauthenticated, malicious actor…

Software Security

Zero Trust Authentication: Foundation of Zero Trust Security

Issued by: DataBreach Today

Identity and security are more important than ever in today’s “work from anywhere” world. As companies adapt to remote workforces and the use of personal devices, the need for secure authentication has become paramount. The solution uses a zero trust authentication paradigm that ensures confidence in user and device identity on a real-time, continuous basis….

Software Security

Monitoring the dark web to identify threats to energy sector organizations

Issued by: Security Affairs

Dark web intelligence firm Searchlight Cyber published a report that analyzes how threat actors in the dark web prepare their malicious operations against energy organizations. The threat actors use the hidden part of the web to share techniques, build their resources, and coordinate their attacks. The report published by the experts provides evidence of continuous…

Software Security

Apple Debuts Its Rapid Response Security Update Approach

Issued by: Dark Reading

Apple rolled out the first of its kind Rapid Security Response update — quick fixes automatically installed on iPhones, iPads, and iMacs in-between software updates. On May 1, devices with default settings were updated with iOS 16.4.1, iPadOS 16.4.1, or macOS Ventura 13.3.1, according to the company’s notice to users, which contained few details. Rapid…