In April 2022, Netskope Threat Labs analyzed an Emotet campaign that was using LNK files instead of Microsoft Office documents, likely as a response to the protections launched by Microsoft in 2022 to mitigate attacks via Excel 4.0 (XLM) and VBA macros.

As we celebrate the first anniversary of Rapid Scan Static, we look back at the growth of our new SAST engine. In June 2021, Synopsys officially released Rapid Scan Static, a feature of Code Sight™ SE and Coverity® by Synopsys and powered by the Sigma scan engine. Rapid Scan Static reduces the noise and friction for developers by providing fast results that enable them to take action earlier in the software development life cycle (SDLC).

In this extensive two-part blog series, we try to present an exhaustive list of all the HALOCAD data-centric use cases that offer better and more advanced CAD data protection. Computer-Aided Design (CAD) is used to accomplish preliminary design and layouts, design details, and calculations, creating 3D Models, creating and releasing drawings, as well as interfacing with analysis, marketing, manufacturing, and end-user personnel.

Every day, your users access dozens of documents they need to do their jobs. However, many users fail to take basic steps to protect sensitive documents from leaving the organization. In sports, when a team loses the ball out of bounds, they have to go on defense. The same thing happens in business when you lose critical documents.

GitHub Actions has made it easier than ever to build a secure continuous integration and continuous delivery (CI/CD) pipeline for your GitHub projects. By integrating your CI/CD pipeline and GitHub repository, GitHub Actions allows you to automate your build, test, and deployment pipeline. You can create workflows that build and test every pull request to your repository or deploy merged pull requests to production.

Ransomware has matured significantly over the previous decade or so. Initially thought to be a relatively basic virus that could be contained on a floppy disk, it can now damage global business infrastructures, stop healthcare systems dead in their tracks, mess with fuel supply networks, and disrupt transportation infrastructure. Its simplicity is what makes it so appealing to criminals. The attacks don’t have to be very sophisticated to cause significant harm and extort ransom payments.

One of the most frustrating challenges of vendor risk management is chasing outstanding security questionnaires. But with some clever operational strategies, you’ll never need to worry about delayed risk assessments impacting your SLAs again. To learn how to encourage your vendors to complete their risk assessments faster, read on.

The General Data Protection Regulation (GDPR) is one of the world’s most popular regulations. Though the European Union designed the GDPR to protect European citizens, its compliance transcends European borders, impacting most businesses collecting personal data via their websites - because you can’t control whether a European citizen accesses your website. Third-party vendors often require access to sensitive personal data to deliver their services.

One of the selling points of cloud computing is the ability to quickly spin up new machines as needed. Unfortunately, this means that cloud environments grow very complex, very quickly – and manually updating configuration files to add new instances gets really old, really fast. It’s easy to make a mistake, which inhibits productivity and causes security issues, especially when accessing machines remotely.

With Kubernetes adoption continuing to rise, we've seen multiple studies add to the growing body of research for enterprise K8s deployments this past year. Companies leveraging managed services and packaged platforms drive much of the continued growth in adoption. An annual study conducted by the Cloud Native Computing Foundation (CNCF) found that 96% of organizations surveyed are either using or evaluating K8s currently.