Read also: Nitrokod cryptomining campaign infected thousands of PCs in 11 countries, Italian oil giant hit with a cyberattack, and more.

Threat hunting is a critical security function, a proactive measure to detect warning signs and head off attacks before a breach can occur. Scaling threat hunting capabilities involves quickly deriving actionable intelligence from a large number of behavioral data signals to identify gaps and reduce time to respond.

Data privacy rules have never been crucial for organisations to follow until the General Data Protection Regulation (GDPR) enforcement. This blog is divided into two sections. The first section will discuss a general overview, definitions and common queries related to a data protection policy. The second section will explain how a business can write and operationalise a data protection policy.

Not all of the recognizable risks in your software supply chain can be identified by their known vulnerabilities recorded as CVEs. A component that is outdated or inactive may present risks to your application that no one has had cause to investigate. Yet these components could still harbor threats.

Amid a wave of hacks that have cost investors billions of dollars worth of cryptocurrency, the FBI is calling on decentralised finance (DeFi) platforms to improve their security. In a warning posted on its website, the FBI said that cybercriminals are increasingly targeting DeFi platforms to steal cryptocurrency, often exploiting vulnerabilities in smart contracts to part investors from their money.

Introduce yourself and tell us what you do for your day job. My name is Dr. Joseph J. Burt-Miller Jr. I currently serve as Assistant Project Manager at the Department of Homeland Security. One of my main duties is handling the risk management piece for projects, so interacting with contractors and our risk owners, ensures that our risks are tracked and mitigated. Anything that needs immediate attention I bring to my leadership, my project manager and program manager, etc.

Where do open source dependencies go to die, and why do they come to an end? What happened to the npm faker module? Can it happen again? Join me to learn how open source software libraries rise to glory and how they reach their end of life. I’ll also include some takeaways for developers and ops engineers.

Hack The Box (HTB) is a platform that gamifies cybersecurity training. It’s suitable for aspiring pen testers, as well as developers who want to become security champions — or simply understand the mindset of adversaries a bit better — in order to make their applications more secure.

It’s no secret that most application security teams are overextended and short-staffed. In fact, a recent ESG study showed that many cybersecurity professionals experience increased stress and job burnout.

Few security exploits are the source of more sleepless nights for security professionals than zero-day attacks. Just over Memorial Day weekend, researchers discovered a new vulnerability enabling hackers to achieve remote code execution within Microsoft Office. Dubbing the evolving threat the Follina exploit, researchers say all versions of Office are at risk.