Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The new guidelines to secure GitHub repositories are being followed by every enterprise. These new protocols were circulated after discovering a vulnerable loophole in the self-hosted action runner in August 2023. To know more about the vulnerability, how and who discovered it, and its mitigation, read further.

Applications are becoming the gateway for attackers to gain unauthorized access and perform their malicious activities on end-user devices. And when such a thing happens, not only the user but also the software development firm suffers. So, now it has become utterly important to ensure the app security with the best-in-class tools available.

In the rapidly evolving realm of network security, staying abreast of the latest technologies is crucial to safeguarding your organization’s data and infrastructure. Two prominent solutions that have garnered attention in recent times are Secure Access Service Edge (SASE) and Secure Service Edge (SSE). In this blog post, we’ll delve into the nuances of these two concepts, helping you make informed decisions about your network security strategy.

When I attend a networking event and ask a business owner, “Who’s responsible for Information Security?” The usual reply is “IT”. But in today’s hyper-connected world, where digital landscapes are constantly evolving, and data breaches and cyberattacks are becoming alarmingly common, organizations must recognise that information security is not solely the responsibility of the IT department.

The dynamism of Artificial Intelligence (AI) is transforming not only the tech landscape but also various sectors of human activity at breakneck speeds. Unfortunately, with any progress in technology, these advances aren’t only being applied in beneficial ways.

Happy New Year! Close on the heels of our December update, we are back again with our first major release of 2024. It packs quite a few improvements in user experience as well as a major change to our service plans. Read on for more details.

The proliferation of artificial intelligence tools worldwide has generated concern among governments, organizations, and privacy advocates over the general lack of regulations or guidelines designed to protect against misusing or overusing this new technology.

Our inaugural 2022 threat roundup report started by observing that “the year 2022 was eventful for cybersecurity.” As you can imagine, 2023 was no less eventful. Some of the key events included ongoing conflicts and the appearance of new ones, the emergence of critical vulnerabilities being mass exploited and the ever-increasing threat of cybercrime.

Arctic Wolf Labs has been tracking two recent intrusions where threat actors leveraged a new Go-based malware downloader we are calling “CherryLoader” that allowed them to swap exploits without recompiling code. The loader’s icon and name masqueraded as the legitimate CherryTree note taking application to trick the victims.

In what appears to be a digital tsunami, Cybernews has reported a colossal data breach has surfaced, unveiling a staggering 26 billion records – a figure that's hard to even fathom. Termed as the Mother of all Breaches (MOAB), this leak is not just another incident in the cybersecurity world, it's a seismic event that dwarfs previous breaches in its sheer magnitude.