Netskope, the leader in Security Service Edge (SSE) and zero trust, today announced a key expansion of data protection capabilities to endpoint devices and private apps. The introduction of a patented endpoint data loss prevention (DLP) solution will enable Netskope Intelligent SSE customers to protect data everywhere it moves across the hybrid enterprise. Zero trust…

Titaniam, Inc., the industry’s most advanced data protection and cyber immunity platform, today announced its full product offering, the Titaniam Suite. These enhancements and the full set of products give Titaniam an edge as they push back on the larger ransomware problem happening ubiquitously across every industry. Ransomware and extortion-based cyber attacks occur at the…

California-based engineer and entrepreneur Lou Montulli said the original “cookie” he created decades ago was intended to make life online easier by letting websites remember visitors. Yet the technology has become a lightning rod, attacked for helping tech companies collect data on consumers’ habits key to the targeted web ad business that makes many billions…

Because of the vulnerability – which was addressed in November 2021 – an attacker only needed stolen credentials to access an organization’s Box account and steal sensitive data, provided that the account has SMS-based MFA enabled (which has long been proven insecure). Box, which claims that close to 100,000 companies use its platform, allows users…

“[The] community is defined by those who show up and do the work. Companies that build open source into their products rarely participate in their continued maintenance,” the ASF said in a position paper published ahead of a high-level White House meeting on open-source software security. “Only a tiny percentage of downstream companies (reusing the…

The European Data Protection Supervisor said Monday that Europol was notified of the order on Jan. 3 following an inquiry that started in 2019. As part of the investigation, the EDPS said it reprimanded Europol two years ago “for the continued storage of large volumes” of such data, “which poses a risk to individuals’ fundamental…

The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…

With this transaction, Somerville, Mass.-based Recorded Future gets a direct entry into the competitive continuous Attack Surface Management (ASM) business and new technology to help organizations with real-time visibility into networks and servers exposed to malicious actors. The $65 million deal comes less than a year after Recorded Future announced an early-stage investment in SecurityTrails…

Tracked as CVE-2021-22045 (CVSS score of 7.7), the security vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. In an advisory, VMWare said the security defect could be exploited by attackers with access to a virtual machine that has CD-ROM device emulation enabled. An attacker capable of combining the security error…