Modern-day product development is highly complex. This is because industry competition has driven enterprises to focus mainly on their core competencies while they outsource other activities to their partner organizations specialized in such activities. Therefore, in today’s diversified global economy we find that almost all enterprises operate with their operations dispersed across internal productions and external partners.

Nightfall, the leading cloud-native data protection platform, has successfully achieved Service Organization Control (SOC) 2 Type 2 compliance. Nightfall is the first cloud-native data loss prevention vendor to complete this certification and meet the American Institute of Certified Public Accountants (AICPA) criteria for managing customer data.

If you’ve reached this page, you’re probably familiar with Spring and its basic mechanisms already. From its inception in 2002, Spring has become one of the dominant frameworks to build any kind of web application in Java. Web applications usually are the biggest interface between a company and its users—both internal and external. When security is neglected at the developer level, applications can become very desirable targets to hackers.

You may already know that Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, and Google Cloud Platform, but did you know it also has capabilities to monitor other cloud based software services such as Salesforce? Salesforce is a popular customer relationship management (CRM) service with rich configuration options that could lead to unintended risks if it is improperly configured.

Cybersecurity is an ever-changing landscape, and it’s essential to have the right people on your team, like a virtual chief information security officer. This person can help you protect yourself from cyberattacks by building out cyber security programming, including infrastructure protection, data management, and customer privacy concerns.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. This week a few quite chilling hacks appeared in my feed. They all may at first glance appear amusing but think how they could well have turned out…

In Part 1 of our BlackByte ransomware analysis, we covered the execution flow of the first stage JScript launcher, how we extracted BlackByte binary from the second stage DLL, the inner workings of the ransomware, and our decryptor code. In this blog, we will detail how we analyzed and de-obfuscated the JScript launcher, BlackByte’s code, and strings.