IBM’s surprise departure from cybersecurity software this week didn’t just rearrange the competitive landscape — it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar SaaS portfolio to Palo Alto Networks for an undisclosed sum. After years of development, IBM started rolling out…

“Software supply chain attacks are at the top of all CISOs’ minds,” says ReliaQuest CISO Jeff Music. Music attributes the popularity of software supply chain attacks to the fact that these attacks are relatively easy to conduct and have a significant payoff for the attacker. “This is especially the case if the vulnerable hardware or…

Financial teams of the acquisition were not released but published reports out of Israel peg the price tag as “several tens of millions of dollars.” The private equity-owned Delinea, formed in April 2012 through the merger of Centrify and Thycotic, said the deal extends its reach into the lucrative identity category and adds technology to…

Cyberattacks on operational technology (OT) systems are rapidly rising. In fact, manufacturing was one of the sectors most impacted by extortion attacks last year, according to Palo Alto Networks Unit 42, as reported in the 2023 Unit 42 Extortion and Ransomware Report. Attacks against OT systems can have a significant impact, including physical consequences such…

Pervasive discontent with legacy SIEM offerings and Cisco’s proposed acquisition of Splunk has driven “a significant and pronounced increase in interest” in CrowdStrike’s SIEM offering. The Austin, Texas-based cybersecurity titan’s SIEM tool hit the $100 million annual recurring revenue milestone in the most recent quarter thanks to LogScale’s search speed, data gravity and cost efficiency,…

The infamous North Korean advanced persistent threat (APT) group Lazarus has developed a form of macOS malware called “KandyKorn,” which it is using to target blockchain engineers connected to cryptocurrency exchanges. According to a report from Elastic Security Labs, KandyKorn has a full-featured set of capabilities to detect, access, and steal any data from the…

Microsoft launches the Secure Future Initiative to usher in “next generation” of cybersecurity to better protect customers against escalating cybersecurity threats. Microsoft has announced the launch of the Secure Future Initiative (SFI) to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. The new initiative will bring…

Windows 11 feature updates are released in the second half of each calendar year. The latest update, 23H2, is being gradually rolled out to users, with Microsoft expecting the new features to reach all devices by the release of the November 2023 security updates. However, customers with eligible devices running Windows 11 version 22H2 can…

Qualys, Inc. (NASDAQ: QLYS), a provider of disruptive cloud-based IT, security and compliance solutions, today announced it is opening up its risk management platform to AppSec teams to bring their own detections to assess, prioritize and remediate the risk associated with first-party software and its embedded open source components. In the digital transformation era, every…

The software supply chain is a vast, global landscape made up of a complicated web of interconnected software producers and consumers. As such, it comes with numerous risks and vulnerabilities that affect all software–including those from third parties and outside vendors. These risks include everything from code vulnerabilities and open-source code repositories to hijacked software…