security

Application Security

Issued by: Security Week

Building on previous research, white papers, and other projects from Adobe’s Security Intelligence Team, OSAS out-of-the-box allows researchers to experiment with datasets, control data processing and feature combining, and help identify a solution for detecting security threats. The new open-source project tackles the issue of data sparsity, which may appear when using machine learning (ML)…

Application Security, Cloud Security, Network Security

Issued by: Security Week

Several cybersecurity-related acquisitions and mergers were announced in the week of April 19-25, 2021. Altron acquires Lawtrust South Africa-based technology solutions provider Altron has acquired Lawtrust, which provides digital trust and cybersecurity solutions, for ZAR 245 million (USD 17 million). Lawtrust, which is also based in South Africa, will help Altron expand its security offerings….

Network Security

Issued by: Security Week

The quarterly set of security patches addresses a total of 41 vulnerabilities considered critical severity, including 5 that feature a CVSS score of 10. The most severe of these vulnerabilities could be exploited to execute code remotely within the context of the vulnerable applications, potentially resulting in full system compromise. Oracle’s E-Business Suite received patches…

Malware & Threats

Issued by: Security Week

Manufacturing and energy became the second and third most targeted industries last year, respectively. Retail and professional services rounded up the top five most targeted sectors, IBM says. In the latest installment of their annual X-Force Threat Intelligence Index, IBM Security also reveals that ransomware was the most popular attack method in 2020, with a…

Vulnerabilities

Issued by: Security Week

The National Counterintelligence and Security Center warned Thursday that foreign hackers are increasingly targeting vendors and suppliers that work with the government to compromise their products in an effort to steal intellectual property and carry out espionage. The NCSC said it is working with other agencies, including the Cybersecurity and Infrastructure Security Agency, to raise…

Malware & Threats

Issued by: Security Week

Hackers used phishing emails to gain access to the computers of at least seven federal MPs and 31 lawmakers in regional parliaments, according to Der Spiegel weekly. A spokesman for the lower house of parliament confirmed the cyber attack but said there was “currently no indication” of a direct attack on the IT infrastructure of…

Vulnerabilities

Issued by: Security Week

The first security hole, tracked as CVE-2021-3450, has been described as a “problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag.” The flaw was discovered by researchers at Akamai. “Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an…

Network Security

Issued by: Dark Reading

Famed security expert HD Moore’s latest project — an IT and OT asset-discovery platform that attempts to address the-age-old challenge of finding and fingerprinting devices that reside on an organization’s network and their status — just landed $5 million in venture capital funding from some major players in network and security technologies. The VC round…

Cloud Security

Issued by: Dark Reading

Security startup Argon says it is exiting stealth mode and has announced its official launch this week. Argon is focused on securing the software delivery process through visibility into the continuous integration/continuous delivery (CI/CD) pipeline and the software development life cycle (SDLC), officials say. Argon, based in Tel Aviv, is launching with 15 employees. The…