Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible

Users can identify risks across five domains, work on multiple projects, and take advantage of exclusive community benefits.

DARKReading
#vulnerability#intel#auth
The Myth of Protection Online — and What Comes Next

It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.

Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale

Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.

35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?

In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys.

Ping Identity to Go Private After $2.8B Acquisition

The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.

Startup Footprint Tackles Identity Verification

Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authentication, authorize, and secure identity.

How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes

Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.

Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks

SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.

School Kid Uploads Ransomware Scripts to PyPI Repository as 'Fun' Project

The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.

Cyberattackers Drain Nearly $6M From Solana Crypto Wallets

So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.