Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In the ever-evolving landscape of cyber threats, a subtle yet potent form of phishing has emerged — quishing, short for QR phishing. It has been 30 years since the invention of QR codes, yet quishing still poses a significant risk, especially after the era of COVID, when QR codes became the norm to check statuses, register for events, and even order food.

Software code is constantly growing and becoming more complex, and there is a worrying trend: an increasing number of open-source components are vulnerable to attacks. A notable instance was the Apache Log4j library vulnerability, which posed serious security risks. And this is not an isolated incident. Using open-source software necessitates thorough Software Composition Analysis (SCA) to identify these security threats.

It’s a concern for families everywhere: keeping kids safe online. For parents with teenagers, there’s the added complication of trying to balance a child’s safety with their right to privacy. But is online safety just families’ problem?

The Blackjack hacking group, reportedly associated with Ukrainian intelligence services, has claimed responsibility for a significant cyberattack impacting emergency detection and response systems in Moscow and surrounding areas.

A guest post by James Berthoty the founder of Latio Tech. The shift to cloud has meant an explosion in cloud security-related acronyms – so many that it can be difficult to know what you currently have versus what’s missing or available. First we bought CSPMs (Cloud Security Posture Management), then CWPPs (Cloud Workload Protection Platforms), then CNAPPs (Cloud Native Application Protection Platform), then CDRs (Cloud Detection Response), and now KDRs (Kubernetes Detection Response).

Many of our customers use Tines and Elastic to scale security operations efforts, integrate context and data enrichment into alerts, and investigate and react to alerts faster. Today, we'll explore how these two platforms, working together, help cloud engineers drive cost savings for the organization, while maintaining optimal performance.

In a landmark development, the U.S. Department of Homeland Security (DHS) has unveiled its pioneering Artificial Intelligence Roadmap, marking a significant stride towards incorporating generative AI models into federal agencies' operations. Under the leadership of Secretary Alejandro N. Mayorkas and Chief Information Officer Eric Hysen, DHS aims to harness AI technologies to bolster national security while safeguarding individual privacy and civil liberties.

Over the last year there has been a prevailing sentiment that while AI will not necessarily be replacing humans, humans who use AI will replace those that don’t.

Today, every organization has significant investments in their overall tech stack, both financially and operationally, and as technology evolves, it is crucial that we keep pace to ensure success. For many organizations, legacy applications house some of their most mission critical applications, and replacing or retiring them would be incredibly costly, monetarily and in terms of productivity. With application modernization, businesses can now skip the hassle of completely rebuilding applications.

Shipping secure code rapidly and at scale is a challenge across the software industry, as evidenced by continued news of high-profile data breaches and critical vulnerabilities. To address this challenge, organizations are increasingly adopting DevSecOps, a practice in which application developers work closely alongside operations and security teams throughout the development life cycle.