Designed to harvest real-time metrics from various endpoints, Prometheus enables organizations to keep a close eye on systems’ state, network usage, and the like. Close to 800 cloud-native platforms, including Slack and Uber, leverage the solution. In January 2021, Prometheus added support for Transport Layer Security (TLS) and basic authentication, to prevent access to the…

LG said it will initially acquire a 64-percent stake in Cybellum for $140 million and it will acquire the remaining shares in the near future — if the valuation does not change, the remaining shares will be worth nearly $80 million. The Korean tech giant also plans on investing $20 million in the cybersecurity firm…

Many companies today automate their software development life cycle with continuous integration and continuous delivery (CI/CD). It’s part of the broader DevOps movement to speed software development while reducing errors. Continuous integration builds and tests code automatically, while continuous delivery automates the entire software release process up to production. In order to secure it, industry…

The Silicon Valley giant had last month said iPhones and iPads would soon start detecting images containing child sexual abuse and reporting them as they are uploaded to its online storage in the United States. However, digital rights organizations quickly noted the tweaks to Apple’s operating systems create a potential “backdoor” into gadgets that could…

Forescout Research Labs and JFrog Security Research found a total of 14 vulnerabilities in NicheStack, a TCP/IP stack used by many operational technology (OT) vendors. The flaws, a majority of which have been assigned critical and high severity ratings, can be exploited for remote code execution, denial of service (DoS) attacks, obtaining information, TCP spoofing,…

The flaws, rated critical, expose both Windows and MacOS users to code execution attacks, Adobe said in an advisory released Tuesday. The updates, available for Photoshop 2020 and Photoshop 2021, are being pushed via the software’s automatic updating mechanism. Adobe described the vulnerabilities as memory corruption issues with 7.8 CVSS scores. The company also shipped…

As part of its scheduled Patch Tuesday release, Adobe released fixes for 29 documented security vulnerabilities, some serious enough to expose users to code execution, security feature bypass, and privilege escalation attacks. The Adobe Magento patch lists 26 CVEs with severity ratings ranging from critical to important, according to an advisory from San Jose, Calif….

The plan is to create a provocatively named “Super Duper Secure Mode” in Edge that deliberately disables support for the browser’s JavaScript JIT (Just-in-Time) compiler while adding a major anti-exploitation roadblock from Intel Corp. The new SDSM test — available in Edge preview builds for select users — essentially rips out JIT, a feature that…