One of the main questions I get asked from people looking to get started in Cybersecurity is, “What certification(s) do I need?”. Who you ask and the number of people you ask will determine the number of different answers you will get back on this question. A few short years ago, there was no such thing as a cybersecurity professional. At first, people working in system administration or development were asked to take on the additional role of handling security for an organization.

The Hive Gang is a Ransomware as a Service (RaaS) providers first identified in June 2021. Although relatively new, their aggressive tactics and ever evolving malware variants have made them one of the most successful RaaS groups of its kind. Find out how the group has risen through the ranks with their advanced ransomware kit, API based portal and negotiation services.

Read also: Greece’s natural gas supplier DESFA hit with ransomware, an advanced BEC campaign targets high-ranking executives, and more.

A financial technology company has announced UrGovPH, an open finance solution that will allow local governments to develop digital services across identity, finance, property, and business interaction.

There’s no doubt that mobile devices have become an integral part of our lives. We use them to stay connected with friends and family, get directions, check the news, and more. They’re always with us, convenient, versatile (texts, messages, calls, Internet, etc), keep us connected and loads another top reasons….in short, making our life easier! This is where mobile device security comes in, which helps protect your device from potential threats.

As organizations go about their regular routine of finding and adding new technologies to help increase their overall success, each organization must keep in mind the security implications of each move, along with the fact that much of their current technology stack has to be maintained with a well-thought out and quickly implemented patching program.

The JFrog Security team recently competed in the Pwn2Own Miami 2022 hacking competition which focuses on Industrial Control Systems (ICS) security. One of our research targets for the competition was the Unified Automation C++-based OPC UA Server SDK. Other than the vulnerabilities we disclosed as part of the pwn2own competition, we managed to find and disclose eight additional vulnerabilities to the vendor. These vulnerabilities were fixed in the SDK in version 1.7.7.

Digital transformation has driven the rapid adoption of cloud-delivered services like SaaS/IaaS/PaaS in enterprises. This, in turn, has resulted in the migration of digital assets (aka data) from the confines of enterprise data centers to the cloud data centers that are not under the control of the enterprises. Additionally, the onset of the COVID-19 pandemic has resulted in remote work becoming the norm.

In 2013, a group of ethical hackers started penetration testing to make the Internet a safer place. After hacking companies such as Google, Facebook among others, they realized they could automate their findings to help companies monitor their attack surface and founded Detectify. Fast forward a few years and Detectify’s Crowdsource network boasts of 400+ elite ethical hackers.

Have you ever wanted to put a Save in 1Password button on your website? You can now add the integration to your website without anyone from 1Password building, approving, or getting involved with the process.