On February 2, the popular remote access tool AnyDesk disclosed that it had suffered a cyberattack that had compromised its production systems. Although AnyDesk has not revealed specific details about the root cause of the attack, the measures taken to mitigate it, such as mandatory password resets and code signing certificate renewals, suggest that cybercriminals gained access to user passwords and the company's code signing certificate.

You may have encountered recent discussions and the official notice from NVD (National Vulnerability Database) regarding delays in their analysis process. This message was posted on the February 13: We want to assure you that these delays do not compromise the integrity or efficacy of Snyk's security intelligence, including the Snyk Vulnerability Database.

archTIS is pleased to announce it is a Compliance & Privacy Trailblazer award finalist in the 2024 Microsoft Security Excellence Awards. The company was honored among a global field of industry leaders that demonstrated success across the security landscape during the past 12 months. We are extremely proud to be recognized as a finalist for the Compliance and Privacy Trailblazer award for the second year in a row.

It’s been almost three years since President Biden issued Executive Order 14028, and while we’ve heard vendors talk about “compliance with EO 14028” for about that long, the reality is that industry hasn’t had anything to comply with—until now. On March 11, CISA published the Secure Software Development Attestation Form as part of its obligations under OMB memo M-22-18 and the successor OMB memo M-23-16.

The EU AI Act (the “AI Act”) is the world’s first comprehensive AI law. The Act lays down a harmonised legal framework for the development, supply, and use of AI products and services in the EU.

It’s easy to imagine the burden that you, as a developer, can feel rushing to perform your tasks quickly, sometimes forgetting about the amount of confusion you can feel by reading and producing the code so fast. This confusion can cost both time and money and have an awful impact on the project you work on. This state of confusion, which takes place when a developer faces an overwhelming amount of information and multitasks, is not an imaginary sandcastle.

We recently introduced labs, a new and pioneering space in the 1Password apps that lets customers opt in to test experimental features.

The ability for your SIEM to ingest data at scale is critical, especially in a world where threats target a vast array of attack surfaces. Ensuring full visibility of all log data is paramount, and you need a SIEM that can ingest any event, in any format, to effectively hunt for threats. Remember, you can’t secure what you can’t see. Whether you’re taking a close look at your current solution or evaluating new potential vendors, here’s what to consider around SIEM data ingestion.

Protecting sensitive data and other assets requires an organization to be adaptable and stay informed on things like the digital landscape and threat trends. While some aspects of security are within an organization’s control, it can be extremely difficult to manage all of the risks and vulnerabilities that are likely to arise. Security configuration management (SCM) is one way to take control of many of the facets of cybersecurity that are often overlooked or difficult to handle.