The security flaw, identified as CVE-2022-0540, is an authentication bypass issue that affects Seraph, the web authentication framework of Jira and Jira Service Management. A remote, unauthenticated attacker could exploit this vulnerability to bypass authentication and authorization by sending a specially crafted HTTP request. Many versions of Jira are affected, but the vendor noted that…

It sounds like a nearly perfect cybersecurity solution: Intercept incoming data before it reaches the user’s web browser; isolate it in a secure sandbox; and send only the screen images—or pixels—to the browser. The ephemeral server is fully isolated from the organization’s IT assets and data, and its browser sessions are destroyed when the user…

Catalogic Software announced a new partnership with Backblaze to offer ransomware protection for enterprise and Kubernetes backups. Catalogic’s enterprise data protection software, DPX, provides robust backup and recovery capabilities and integrates seamlessly with Backblaze B2 Cloud Storage to provide a secure, fast, and infinitely scalable backup target. CloudCasa by Catalogic now supports Backblaze B2 as…

Terms of the agreement were not disclosed. The company’s MDR solution augments customers’ existing cybersecurity resources to protect on-premise, cloud, SaaS, and hybrid environments, and meet regulatory requirements, including PCI DSS, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2, NIST 800-171 and 800-53, ISO 27001, COBIT, and more. Houston, Texas-based Alert Logic, which claims more than…

Today’s cloud strategies revolve around two distinct poles: the “lift and shift” approach, in which applications and associated data are moved to the cloud without being redesigned; and the “cloud-first” approach, in which applications are developed or redesigned specifically for the cloud. By far the fastest approach is to lift and shift the whole environment,…

Security researchers have found several vulnerabilities affecting many models of APC Smart-UPS uninterruptible power supplies that could be exploited to take over the devices. UPS devices are used across many industries to keep mission-critical devices running in case of power loss. “Two of these are remote code execution (RCE) vulnerabilities in the code handling the…

Software-defined WAN, better known today as SD-WAN, is not the same technology that it was when it first got started. In the beginning, SD-WAN was essentially a way to enable organizations to use inexpensive broadband connectivity to connect back to the data center. It was a lower-cost alternative to other fixed-connectivity WAN options, most notably multiprotocol…

The number of cybersecurity-related mergers and acquisitions announced in the past months has remained constant, with 40 deals announced in November 2021. November 1-7: Appsian Security acquires Q Software. ERP data security and compliance firm Appsian Security acquired Q Software, which specializes in security and compliance solutions for JD Edwards EnterpriseOne, JD Edwards World, and…

Backblaze announced Instant Recovery in Any Cloud—a solution to make ransomware recovery into a VMware and Hyper-V based cloud easy for any IT team. Big ransomware payments gain a lot of attention—like the $5 million Colonial Pipeline recently paid. But few realize that ransomware victims often rely on backups to return to normal operations, not…