Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

One AppSec Platform. One Price.

������ ������������ ����������������.������ ����������. Application security is necessary – our platform makes it effortless Mend.io's proactive platform finds and fixes vulnerabilities before they hit your codebase with a new unified AppSec platform.

Verkada Penalized $2.95M by FTC for Security Failures Exposing 150,000 Camera Feeds

In a significant development in the cybersecurity domain, the Federal Trade Commission (FTC) has proposed a $2.95 million penalty against security camera vendor Verkada. The penalty stems from multiple security failures that allowed hackers to access live video feeds from 150,000 internet-connected cameras. These breaches exposed sensitive environments, including women's health clinics, psychiatric hospitals, prisons, and schools, highlighting the severe implications of inadequate security measures.

HIPAA Compliance Mistakes To Avoid

Avoiding HIPAA compliance mistakes is crucial to safeguarding patient data and avoiding hefty fines. Common errors like improper data storage and insufficient employee training can put your practice at risk. Stay compliant by knowing the pitfalls and implementing best practices to protect sensitive information.

The Power of Tripwire Enterprise SCM Policies

There are many good business, security, and compliance reasons for leveraging the extensive rule and policy engines of Fortra’s Tripwire Enterprise (TE) to implement Security Configuration Management (SCM) capabilities, which have been documented very well in other blogs. In contrast, this article deals more with “how can we fully leverage this capability” technically instead of “why” we use them.

SaaS Security Best Practices for Modern Organizations

Most modern organizations run on SaaS applications, and many use them to store sensitive data. The global SaaS market reached a total value of $206 billion in 2023, and is expected to climb to $247 billion by the end of 2024. Organizations must employ a complex system of practices to keep their SaaS apps secure and their data safe. Because SaaS apps are delivered through the cloud, they must be managed and secured differently than other types of software.

Critical Vulnerabilities in Microsoft macOS Apps Could Lead to Unrestricted Access for Hackers

In a recent cybersecurity development, eight vulnerabilities have been identified in Microsoft applications for macOS. These flaws could potentially allow attackers to gain elevated privileges or access sensitive data by bypassing the operating system’s permissions-based security model. This blog delves into the nature of these vulnerabilities, their potential impact, and the steps that can be taken to mitigate the risks.

Detect Secrets In Microsoft Teams With GitGuardian

GitGuardian can now help you find and remediate secrets exposed in your Microsoft Teams channels. We have extended the real-time detection capability of our secrets detection platform to include the popular communications tooling to help teams better fight secrets sprawl throughout their organizations Once integrated, whenever a plaintext credential is accidentally posted to Teams messages, GitGuardian will create an alert and the incident will appear in your GitGuardian dashboard, allowing you to remediate it like any other leaked secret.

CVE-2024-6633: Critical Credential Vulnerability Affecting Fortra FileCatalyst Workflow

On August 27, 2024, Fortra published a security advisory regarding a critical credential vulnerability in FileCatalyst Workflow, identified as CVE-2024-6633. FileCatalyst Workflow is a managed file transfer solution used for exchanging large files across networks.

How a Security Operations Approach Can Prevent Man-in-the-Middle Attacks

Here’s an endpoint you don’t often think about: your car. But if it’s Wi-Fi enabled, as many new models are, that means it resides at the end point of a network connection and can communicate on that network, making it an endpoint.

3 ways AppSec modernization is a game-changer for financial services

Today’s established financial services companies face high pressure from their competition. Many of them find that they must provide an innovative, customized customer experience (CX) or lose out to FinTech disruptors who are already doing CX well. As a result, these businesses are prioritizing innovative, feature-rich applications and adopting the latest and greatest in software development to speed up release cycles and increase productivity.