Each month we highlight research from the Black Duck Security Research team in Belfast. This month’s vulnerability followed an unusual path through more than half a decade.

Black Basta is a relatively new family of ransomware, first discovered in April 2022. Although only active for the past couple of months, the Black Basta ransomware is thought to have already hit almost 50 organisations – first exfiltrating data from targeted companies, and then encrypting files on the firm’s computer systems. Victims have reportedly been hit in countries around the world including the United States, UK, India, Canada, Australia, New Zealand, and UAE.

Thanks to social media, online publications, and 24-hour news channels, we’ve never been more hooked into the news cycle. Whether you want to see them or not, the headlines are never far from your eyes and ears. Cybercriminals can weaponize this to their advantage and tailor their phishing attacks to coincide with topical news stories.

This is the second part of a four-part blog series covering each of the four phases of the merger & acquisition (M&A) process and how you can build security into each phase. In case you missed it, Part 1 covered why it’s important to integrate security into the due diligence process in the first phase of M&A.

Why settle for less! The challenge of manually dealing with self-hosting a product like Velero or Kasten on dozens of clusters and multiple clouds, and then trying to migrate data across different accounts and even different clouds is very different from dealing with a single cluster and a single cloud environment. CloudCasa provides a guided workflow for cross-account and cross-cluster Kubernetes restores in Amazon EKS from an intuitive GUI.

If you're reading this blog, there's a good chance you're familiar with the topic of data breaches; they regularly make the headlines and cause a lot of extra work for IT, security and other staff in affected companies who battle to identify, contain and eradicate the attack. But while the news stories carry the attack's immediate impact, we're rarely aware of the long-term cost to the organization and its staff, both personal and financial.

When it comes to security and healthcare, most patients expect, at the very least, doctor-patient confidentiality. If web trackers are embedded within the JavaScript on a healthcare website you expect full security. I mean, you shouldn’t have to worry about someone working at Facebook knowing your personal healthcare information, like the details of a doctor’s appointment, right?

Databases are a critical component of an organization’s infrastructure and a primary target for hackers and cybercriminals. This makes it essential that you have standard practices to secure your database. This article discusses the steps and procedures of securing CockroachDB, a renowned SQL-based and distributed database. CockroachLabs offers both hosted CockroachDB-as-a-Service offering and an enterprise self-hosted version.

This month, Egnyte is excited to announce the completion of some major milestones of its Egnyte UI redesign project. Other updates in June include security and governance improvements, a new eTMF app for Life Sciences, a new version of the Desktop App, additional FileGuard app functionality, a fully upgraded Egnyte for Outlook integration, and more. Continue reading for details on all these exciting changes.

Pre-pandemic, the life sciences industry had settled into a pattern. The average drug took 12 years and $2.9 billion to bring to market, and it was an acceptable mode of operations, according to Nimita Limaye, Research Vice President for Life Sciences R&D Strategy and Technology at IDC. COVID-19 changed that, and served as a proof-of-concept for how technology can truly help life sciences companies succeed and grow, Limaye said.