Read also: Google fixed a zero-day vulnerability in Chrome browser, Marriott fell a victim of cyber extortionists, and more.

Many businesses argue that they need to collect information about customers to verify who they are and secure their accounts. However, this is at odds with online privacy advocates, who say organizations are compromising our security by collecting far too much information about us.

Security Operation Centers (SOCs) offer a robust method of ensuring cybersecurity and safety within an organization. Their demand has continued to grow, specifically with a significant rise in cyber-attacks amidst a looming cybersecurity skills gap. However, despite a typical SOC analyst's immense training and knowledge, mitigating the increase in cyber-attacks is no easy job.

What are cloud-native applications? According to the Cloud Native Computing Foundation (CNCF), the term “cloud native” describes systems that are specifically designed to help build and run scalable applications in all cloud environments, including public, private, and hybrid clouds. Cloud-native applications use the attributes of cloud architecture in ways that legacy systems can’t. They don’t need any onsite computing infrastructure and can scale quickly to meet demand.

The WebAuthentication API, or WebAuthn, facilitates secure authentication based on public-key credentials. The idea of passwordless and public-key authentication is not new, but the compatibility and interoperability of various elements in the authentication process were always weak. WebAuthn API aims to solve that problem by bringing the uniform authentication API into web browsers.

Cryptographic Failures are a major security problem. They can lead to data breaches, identity theft, and other serious problems. The Open Web Application Security Project (OWASP) has identified ten major failures. These failures can be divided into three categories: Cryptographic design flaws, cryptographic implementation errors and cryptographic key management.

This is the third part of a four-part blog series covering each of the four phases of the merger & acquisition (M&A) process and how you can build security into each phase. In case you missed it, Part 1 covered the why it’s important to integrate security into the due diligence process in the first phase of M&A and Part 2 covered integration planning and public announcement.

There is an underlying constant when it comes to creating a strong defense—the more layers of defense in place, the better. Sure, having a single stout wall in place might be strong enough to deter some attackers, but it is simply not enough to counter a foe determined to gain entry. This holds true whether the defender is a castle, sports team, or an organization.

The curl vulnerability shows how we produced timely information by combing through source code commits in open source projects.

Apple has previewed a new feature which aims to harden high-risk users from the serious threat of being spied upon by enemy states and intelligence agencies. “Lockdown Mode” is scheduled to arrive later this year with the release of Apple iOS 16 and macOS Ventura. It’s an optional feature for users who believe their computers and smartphones face a real risk of being targeted by sophisticated state-sponsored spyware.