The other week, Bitsight released a piece of high-profile research alerting the public to a high-severity vulnerability potentially allowing attackers to launch one of the most powerful Denial-of-Service (DoS) attacks in history. Here’s a summary of what happened and why it matters: Security leaders are asking “now what?” and Bitsight has answers.

Open-source software has been a godsend for the development community. They bring lower development costs, faster application delivery, and greater flexibility; it’s no wonder nearly 90% of modern applications comprise third-party software nowadays. That’s not to say open-source software doesn’t come with its share of pitfalls, including security risks and vulnerabilities.

If you’ve met me, you know I’m pretty direct, so I’m going to preface this whole post by saying: yup, this is being written by a marketer. As SafeBreach’s CMO, I know that going to RSA means being crushed by the immense force of vendors trying to stand out and in some cases using gimmicks. We’re certainly a part of that: did anyone get their tarot read at our booth this year?

Cyber attacks on Australian hospitals and healthcare providers are becoming a more frequent occurrence. The Australian Cyber Security Centre, the ACSC, has recently warned healthcare providers in Australia of an increased number of cyber attacks aimed at the healthcare industry. The ACSC has identified ransomware and other cyber attack methods as leading to dangerous breaches of sensitive hospital data, which can have widespread ramifications if not addressed and preempted.

With this short guide we will explain how you can add data loss prevention (DLP) as code to communications services like Twilio and SendGrid in a few lines of code, helping ensure your customer communications remain compliant.

Exposure management in cybersecurity is a set of processes that helps organizations view their entire attack surface and understand which areas in their IT infrastructure are most exposed to cyber threats. Organizations can then take the necessary steps to reduce their cyber risk exposure through risk mitigation and risk remediation steps. Exposure management goes hand in hand with attack surface management (ASM) and threat and vulnerability intelligence.

Many will choose the Microsoft ecosystem and will need to become familiar with its native threat detection and response tools and understand how to extract maximum value from them. Kroll’s latest eBook, Microsoft Threat Detection and Response: Five Key Pitfalls (and How to Address Them) provides up-to-date insights to enable businesses to level up their cloud security.

As is tradition with my blog posts, let’s start off a definition of what HTTP pipelining is all about. “HTTP pipelining is a feature of HTTP/1.1 which allows multiple HTTP requests to be sent over a single TCP connection without waiting for the corresponding responses. HTTP/1.1 requires servers to respond to pipelined requests correctly, with non-pipelined but valid responses even if server does not support HTTP pipelining.

Today you look at the Global/Multi-site Enterprise Security Architecture of an organization and see a myriad of concerns. Increased levels of complexity, difficulties managing multiple third parties, difficulties implementing consistent levels of security, and so on. This makes it imperative for organizations to identify opportunities to simplify, streamline, and generally improve their infrastructure wherever possible. Managing the level of complexity is becoming increasingly difficult.

Almost all modern network systems, including stateful firewalls, make use of connection tracking (“conntrack”) because it consumes less processing power per packet and simplifies operations. However, there are use cases where connection tracking has a negative impact, as we described in Linux Conntrack: Why it breaks down and avoiding the problem.