Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

JFrog And Red Hat DevSecOps Security Series

Accurately detecting and mitigating security vulnerabilities is critical for any enterprise. JFrog’s ongoing collaboration with Red Hat provides the DevOps community with enterprise-grade DevSecOps capabilities, enabling you to deliver high-quality, and more secure software, anywhere. As part of the Red Hat DevSecOps Security Series, Join us on July 1st for JFrog & Red Hat’s perspective on application analysis and how JFrog’s recently achieved Vulnerability Scanner Certification helps identify vulnerabilities in applications, images and configurations early in your lifecycle.

Securing Against New Offensive Techniques Abusing Active Directory Certificate Service

SpecterOps recently released an offensive security research paper that details techniques enabling an adversary to abuse insecure functionality in Active Directory Certificate Service. SpecterOps reports that abusing the legitimate functionality of Active Directory Certificate Service will allow an adversary to forge the elements of a certificate to authenticate as any user or administrator in Active Directory.

Global Cyberattack Hits Organizations Including US Customers

Throughout July and August, Kaseya released a slew of patches for this vulnerability. Bitdefender released a universal decryption key that they developed by working with law enforcement. That key, with instructions, is available to organizations that have been impacted by the attack. Although REvil popped back online after nearly two months of silence, this vulnerability is no longer a threat due to vendor patches and a widely available decryption key.

Internal vs External Vulnerability Scans: Understanding the Difference

When it comes to establishing a robust mobile application security posture, vulnerability scanning is certainly the go-to option. But given the complex cybersecurity challenges of modern times, it might be complicated and challenging to implement vulnerability scanning properly. According to the 2020 Edgescan Vulnerability Statistics Report, around 35% of the vulnerabilities discovered in external-facing apps were of critical or high risk.

Differences between hashing and encryption and salting explained with examples

Hashing is a one-way function that outputs a fixed-length string, where it’s impossible to decipher back into the original input. Encryption is a reversible process used to scramble data so that it can’t be read. So, if you’re looking for a way to keep your passwords safe and secure, look no further than hashing! But there is a slight catch here that relates to the term salting.

How should databases be protected?

There’s simply no denying that Data is the currency of the future. All businesses have one or more databases and are naturally heavily reliant on them not only to store information, but also to utilise the data to make business informed decisions. Whether it’s payroll data, employee records, customer information, financial information or even inventory data today’s list of Data is endless.

Biggest Data Breaches in Australia (Includes 2021 Attacks)

Data breaches in Australia are on the rise, particularly in the financial and healthcare industries. In an effort to DISRUPT this pernicious trend, the Australian government is revising its cybersecurity frameworks and policies to strengthen resilience against nation-state threat actors. But Australian businesses cannot solely rely on the government's cybersecurity initiatives. Even the Australian Signals Directorate (ASD) admits that proposed security frameworks only raise the baseline of security.

The Aviation Industry Needs to Move Towards Cyber Resilience

2021 is a significant year for aviation. It marks the 20th anniversary of the 9/11 attacks, the worst acts of unlawful interference in the history of aviation. It is also the Year of Security Culture for the ICAO community, which aims to enhance security awareness and foster a security culture throughout the industry.