When it comes to hiding dirty money, it’s not just cryptocurrency we have to worry about, according to author, speaker, and investigative journalist Geoff White.

In July 2024, Netskope Threat Labs tracked a 2,000-fold increase in traffic to phishing pages delivered through Microsoft Sway. The majority of the credential grabbing pages investigated used “Quishing,” a form of phishing that uses QR code to trick users into accessing a malicious website. The phishing campaigns targeted MS Office credentials, using documents to bait users into logging in.

Physical and network barriers that once separated corporate environments from the outside world no longer exist. In this new technological age defined by hybrid, multi-cloud and SaaS, identities are the perimeter. Any one identity—workforce, IT, developer or machine—can become an attack path to an organization’s most valuable assets.

Software Security is the field mainly concerned with protecting software applications and systems against different threats or risks or the process of defending software applications or systems against various threats, risks, or attacks. It includes the various initiatives, methods, and safeguards to protect the software and data it processes from unauthorized access, alteration, or denial.

Security testing? Ain’t nobody got time for that. Or budget. Or the necessary skills to align coding practices with organizational and regulatory compliance efforts. Developers are too busy racing against themselves and the expected development velocity of modern development teams. Mistakes are bound to happen.

On April 19, 2024, Datadog’s US5 website (app.us5.datadoghq.com) started experiencing elevated error rates, though they were low enough that most of our users didn’t notice them. For the next few days, we worked around the clock responding to multiple episodes of this mysterious attack, which gradually unfolded as we investigated. We also implemented several measures to reduce the impact on our customers.

In part one of our series on PCI DSS 4.0, we covered the updates in the latest version 4.0.1 and how to operationalize those changes. In this blog we are going to dig deeper into Requirement 11.6, how to interpret the nuance and automate the current guidance. Guidance that will become a mandate in March, 2025. Let’s start with what Requirement 11.6 is and why it’s so important.

As artificial intelligence (AI) continues to revolutionize various sectors, ensuring it is developed and deployed in alignment with ethical standards and fundamental rights is critical for businesses that use it. The European Union's Artificial Intelligence Act (AI Act), formally adopted on March 13, 2024, addresses this critical necessity by establishing a comprehensive and detailed legal framework for AI systems within the EU.

Read our key takeaways from Drupal GovCon 2024, where Drupal experts explored secure open-source solutions for U.S. government websites and collaborative tools.

Snyk Code was the only code security tool shortlisted by developers as an AI tool they’ve been regularly using this past year or are looking forward to using next year in Stack Overflow’s recent 2024 AI Search and Developer Tools survey. This underlines Snyk’s dominance as the favorite AI security tool of both developers and security teams and confirms that Snyk Code is providing immense value to developers.