In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It affects multiple versions of the open-source relational database management systems (RDMBS) MariaDB and Percona Server, and the wsrep (write set replication) plugin for MySQL. Fortunately, security professionals swiftly released a patch to ensure that affected systems could be updated to mitigate risks.

High stakes, long hours, and a rapidly evolving threat landscape present unique barriers to happiness for security and IT teams. It’s not surprising that 63% of security practitioners report some level of burnout, and 58% of IT professionals feel overwhelmed by the amount of tasks they have to do in a day. Organizations simply can’t afford to ignore these statistics.

Educators create many passwords for accounts in both their personal and professional lives. Password management is crucial for educators, not only to keep track of their professional passwords but also to separate those from their personal passwords. Teachers need a reliable place to store passwords for many online accounts, applications and programs, no matter which grades or subjects they teach. Read more to learn why password management is essential for teachers.

The field of AI has been around for decades, but its current surge is rewriting the rules at an accelerated rate. Fuelled by increased computational power and data availability, this AI boom brings with it both opportunities and challenges. AI tools fuel innovation and growth by enabling businesses to analyse data, improve customer experiences, automate processes, and innovate products – at speed. However, as AI becomes more and more commonplace, concerns about misinformation and misuse arise.

A review of AI-generated malware, and how a SOC might deal with the ever-increasing threat… Theofanis Dimakis, SOC Officer, and Nikolaos Tsompanidis, Threat Detection & Response Expert at Obrela, speaking during the recent CRESTCon Europe event, shared insights from their perspective into detecting malware, including the rising tide of AI variants.

Being a bad guy on the Internet is a really good business. In more than 90% of cybersecurity incidents, phishing is the root cause of the attack, and during this third week of August phishing attacks were reported against the U.S. elections, in the geopolitical conflict between the U.S., Israel, and Iran, and to cause $60M in corporate losses.

Patches are a way of life for any network administrator and are the most efficient method in place to ensure systems are running the most up-to-date and secure versions of their various software applications. For the most part, updates take place behind the scenes, with the average person only noticing a patch being installed when they are asked to reboot their machine to install the new version.

In the dynamic world of cyber threats, the X-FILES stealer has emerged as a particularly dangerous and sophisticated piece of malware. First discovered in March 2021, this malware gained significant attention after a second variant surfaced later that year. Known for its efficiency in targeting vulnerable systems globally, X-FILES has become a top priority for cybersecurity professionals.

On August 13, 2024, SolarWinds released a hotfix for CVE-2024-28986, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is an IT service management software widely used across various industries for tracking and managing support tickets. This vulnerability arises from a Java deserialization flaw, which could enable a remote attacker to execute arbitrary code on vulnerable hosts.

Veracode is pleased to announce the general availability of our new Azure DevOps Workflow integration. This new integration provides our customers using Azure DevOps Services with easy-to-configure, event-driven security testing of their application and infrastructure code managed in their Azure DevOps Repos.