A Brief Overview of DevSecOps Metrics
Learn about the DevSecOps metrics you can use to measure the efficiency and effectiveness of your code and cloud security program.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Keeper 102 - How to Set Biometric Login in Keeper on iOS
Biometric login, especially when paired with Keeper, is a time saving, convenient feature that allows you to login to Keeper with biometrics such as “Face ID”. To enable biometric login, navigate to the Settings screen in the Keeper app and toggle “Biometric Login”, “on”. Next time you want to log in to Keeper, simply tap the Face ID icon to initiate face recognition. Please note, Face ID must be configured in your device's settings before using it to login to Keeper.
Why You Should Use a Password Manager in 2024
You should use a password manager in 2024 because a password manager protects your login credentials and keeps your online data safe. Password managers do more than just protect and store passwords; they also store your passkeys, generate new, strong passwords, and let you store and securely share important documents such as medical records, identification cards, credit cards and more. Continue reading to learn why using a password manager is important in 2024 and the risks associated with not using one.
Responding to CVE-2024-3094 - Supply chain compromise of XZ Utils
It seems as though responders cannot catch a break when it comes to 0-day vulnerabilities and supply chain compromise avenues. On March 29th, 2024, the Cybersecurity & Infrastructure Security Agency published an alert regarding a supply chain compromise of the XZ Utils package. At time of writing, there is no information regarding exploitation of the vulnerability and follow-on post-compromise activity.
XZ Utils Vulnerability: CVE-2024-3094
On March 28th, Red Hat released an advisory for CVE-2024-3094 which is a critical vulnerability identified in XZ Utils – a widely used data compression software included in many Linux distributions. This vulnerability stems from a backdoor inserted in versions 5.6.0 and 5.6.1 of XZ Utils and has been given a CVSS score of 10 out of 10, indicating its severity as critical.
Enhancing Security Visibility for a Leading Asset Management Firm
In the fast-paced world of asset management, security visibility and quick response to incidents are paramount, but building these capabilities in-house can be a challenge. Discover how our Kroll Responder MDR service helped a leading asset management firm identify and respond to security incidents faster and more effectively. Through an outcome-driven approach, Kroll offered the expertise and network and endpoint detection technologies to manage threats around-the-clock.
CTI Roundup: Fake Google Sites Pages, Hackers Target Global Governments
Hackers spread malware through fake Google Sites pages, cybercriminals exploit APIs, and an APT campaign targets global government entities.
What is the Health Records and Information Privacy Act 2002 (HRIPA)?
The Health Records and Information Privacy Act 2002 (HRIPA) is a comprehensive legislation established to protect the privacy and security of health information in New South Wales (NSW), Australia. This legislative framework shares many similarities with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule in the United States in their goals to ensure data privacy, security, and handling of health information in the healthcare sector.
The 443 Podcast - Episode 284 - A Bad Month for Software Supply Chains
This week on the podcast, we cover a software supply chain attack years in the making that was days away from a devastating global impact. After that, we cover Facebook's Project Ghostbusters and its impact on user privacy before ending with another software supply chain attack that successfully compromised developers in the gaming world. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
Trustwave Embarks on an Extended Partnership with Microsoft Copilot for Security
Trustwave today announced it will offer clients expert guidance on implementing and fully leveraging the just-released Microsoft Copilot for Security, a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes.