Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mobile apps have made our lives a lot easier. From ordering food, watching movies, booking a cab, and sending money, one can do everything via mobile apps. However, while mobile apps are a great utility, they've become an easy target for scammers, hackers, and cyber attackers, especially in countries like the UK. Taking charge of the situation, the UK government has created strict guidelines for enhancing the security of mobile apps.

Customers’ willingness to give you their personal data begins with the experience they receive. Convincing them requires the right tone, an outlook of what they’ll get in return, and most importantly, a high level of trust. But while companies depend on customer data to unlock growth, user-centric data collection can be tricky. 43% of U.S.

With Tanium, you can have a complete, accurate and up-to-date view of your enterprise hardware, software and virtual asset inventory integrated with ServiceNow’s CMDB.

Once written off as a failed CMS incapable of generating a significant user base, Microsoft’s SharePoint has continually defied expectations to become one of the most widely-used ECM and Collaboration products ever. It caters to over 200 million users and 250,000 organizations, including 85% of Fortune 500 companies. SharePoint is a user-friendly intranet portal and provides a consolidated center for document sharing, tracking, and overall project management.

Rule tuning is one of the most important steps during the definition of the security posture. With the detection rules, it’s impossible to use a “one fits all” approach: every customer has a unique environment, with its peculiarities and business needs. So, when a new rule is released it’s crucial to understand the security use case behind the detection and reduce the false positives (FP) as much as possible. The Threat Research Team constantly checks if noise occurs.

According to CrowdStrike Report, a 50% increase has been analyzed in active intrusions and cyber-attacks in 2022. And the number may increase in 2023 too. With more and more applications becoming a target of hackers, it getting complex for developers to identify relevant security approaches. Development teams are somewhere unable to select the best mechanism, which would be compatible, high-performing, and strong enough to prevent attacks.

The United States Patent and Trademark Office (USPTO) is the repository for a wealth of knowledge dating back to the nation's founding. The information behind many of the world's greatest inventions ranging from the light bulb, iPhone, Maglev trains to the zipper are housed and protected by the USPTO. A task that is now considerably more difficult as the primary storage medium moves from paper to on-premises and into the cloud.

Data’s role in business processes continues to evolve. Today, organizations collect, store, process, and transmit more personal data than ever before, and legislative bodies respond by updating privacy laws. In 2016, Turkey passed the first iteration of its Personal Data Protection Law number 6698 (PDPL), which also established the Kişisel Verileri Koruma Kurumu (KVKK), the country’s data protection authority.

In our new threat briefing, Forescout’s Vedere Labs details tactics, techniques and procedures (TTPs) commonly adopted by ransomware groups and provides specific mitigation recommendations. In addition to basic cyber hygiene practices, we recommend using Forescout XDR for extended detection and response. Its 1,500+ detection rules cover hundreds of the TTPs most commonly used by ransomware.

As part of our efforts to improve the security of open-source software, we continuously test open-source projects with our JVM fuzzing engine Jazzer in Google’s OSS-Fuzz. One of our tests yielded a Denial of Service vulnerability in the Spring Framework (CVE-2023-20861). Spring is one of the most widely used frameworks for developing web applications in Java. As a result, vulnerabilities have an amplified impact on all applications that rely on the vulnerable version.