%term

Three trends shaping software supply chain security today

Aug 22, 2024 By Erin Cullen In Snyk

Building software continues to look like an assembly line, with developers pulling resources from across the web to create applications. Although third-party resources have played an essential role in developing software for many years, the way that development teams use these external components looks different today.

Read Post

Snyk

Read more about Three trends shaping software supply chain security today

DEF CON 32: What We Learned About Secrets Security at AppSec Village

Aug 22, 2024 By Dwayne McDaniel In GitGuardian

At DEF CON 32's AppSec Village, we explored secrets security challenges, answered common questions, and shared how to detect and handle hidden credentials effectively.

Read Post

GitGuardian

Read more about DEF CON 32: What We Learned About Secrets Security at AppSec Village

CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Aug 22, 2024 By Andres Ramos In Arctic Wolf

On August 21, 2024, SolarWinds released a second hotfix for SolarWinds Web Help Desk (WHD) version 12.8.3. This hotfix addresses a newly disclosed hardcoded credential vulnerability (CVE-2024-28987) that allows a remote, unauthenticated attacker to access internal functionality and modify data. Additionally, the hotfix resolves the Java deserialization remote code execution (RCE) vulnerability (CVE-2024-28986) disclosed the previous week and fixes functionality issues introduced by the first hotfix.

Read Post

Arctic Wolf

Read more about CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Aug 22, 2024 By Khaled Yakdan In Code Intelligence

Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.

Read Post

Code Intelligence

Read more about Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Red Teaming vs Penetration Testing: Understanding the Differences

Aug 22, 2024 By shiba In JUMPSEC

In today’s rapidly evolving cybersecurity landscape, organisations must stay ahead of emerging threats and vulnerabilities to remain competitive. Two critical approaches to bolster security are Red Teaming and Penetration Testing. While these terms are often used interchangeably, they serve different purposes and employ distinct methodologies. Understanding the differences between Red Teaming and Penetration Testing is essential for implementing an effective cybersecurity strategy.

Read Post

JUMPSEC

Read more about Red Teaming vs Penetration Testing: Understanding the Differences

The key challenges of intrusion detection and how to overcome them

Aug 22, 2024 By Mark Nicholls In Redscan

However, to achieve the full potential of this approach, they must first overcome a variety of challenges. Read on to discover what intrusion detection is and how it has evolved, plus the four key challenges associated with it and how to address them.

Read Post

Redscan

Read more about The key challenges of intrusion detection and how to overcome them

Keeping Financial Services Organizations Secure in an AI World

Aug 22, 2024 By Splunk In Splunk

When we talk about financial services and technology, security and regulatory compliance are always top of mind. And now, Generative AI has entered the chat - one of the most talked-about technologies of recent years. And Financial Services institutions have only begun to scratch the surface of what generative AI can do. The problem is, so have cyber threat actors. In this session from Splunk, and IDC, you’ll hear key insights into how financial services companies are improving their security posture in an AI World, and how those practices can benefit your organizations.

View Video

Splunk

Read more about Keeping Financial Services Organizations Secure in an AI World

Splunk Asset and Risk Intelligence

Aug 22, 2024 By Splunk In Splunk

Gain continuous asset discovery and compliance monitoring to accelerate investigations and minimize risk exposure.

View Video

Splunk

Read more about Splunk Asset and Risk Intelligence

Secure Databases at the Point of Data: Rubrik Support for Oracle Databases on Windows Is Now Available

Aug 22, 2024 By Justin Ruiz In Rubrik

In today's data-driven world, protecting critical business information is paramount. We're excited to announce that Rubrik support for Oracle Databases on Windows is now available. This added support enables customers to bring Rubrik Security Cloud to even more of their mission-critical Oracle environments, providing a comprehensive, efficient, and reliable data protection solution for enterprises of all sizes.

Read Post

Rubrik

Read more about Secure Databases at the Point of Data: Rubrik Support for Oracle Databases on Windows Is Now Available

Addressing security practitioner burnout: A vital step for security leaders

Aug 22, 2024 By Joe DeFever, In Elastic

The “Three Pillars” (people, process, and technology) management framework requires a delicate balance in order to achieve successful operations outcomes. Despite the technology pillar dominating the conversation as of late, cybersecurity practitioners are the backbone of your organization's defense against cyber threats.

Read Post

Elastic

Read more about Addressing security practitioner burnout: A vital step for security leaders

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Three trends shaping software supply chain security today

DEF CON 32: What We Learned About Secrets Security at AppSec Village

CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Red Teaming vs Penetration Testing: Understanding the Differences

The key challenges of intrusion detection and how to overcome them

Keeping Financial Services Organizations Secure in an AI World

Splunk Asset and Risk Intelligence

Secure Databases at the Point of Data: Rubrik Support for Oracle Databases on Windows Is Now Available

Addressing security practitioner burnout: A vital step for security leaders

Monthly Archive

Follow Us