Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On February 2, the popular remote access tool AnyDesk disclosed that it had suffered a cyberattack that had compromised its production systems. Although AnyDesk has not revealed specific details about the root cause of the attack, the measures taken to mitigate it, such as mandatory password resets and code signing certificate renewals, suggest that cybercriminals gained access to user passwords and the company's code signing certificate.

You may have encountered recent discussions and the official notice from NVD (National Vulnerability Database) regarding delays in their analysis process. This message was posted on the February 13: We want to assure you that these delays do not compromise the integrity or efficacy of Snyk's security intelligence, including the Snyk Vulnerability Database.

archTIS is pleased to announce it is a Compliance & Privacy Trailblazer award finalist in the 2024 Microsoft Security Excellence Awards. The company was honored among a global field of industry leaders that demonstrated success across the security landscape during the past 12 months. We are extremely proud to be recognized as a finalist for the Compliance and Privacy Trailblazer award for the second year in a row.

The EU AI Act (the “AI Act”) is the world’s first comprehensive AI law. The Act lays down a harmonised legal framework for the development, supply, and use of AI products and services in the EU.

It’s easy to imagine the burden that you, as a developer, can feel rushing to perform your tasks quickly, sometimes forgetting about the amount of confusion you can feel by reading and producing the code so fast. This confusion can cost both time and money and have an awful impact on the project you work on. This state of confusion, which takes place when a developer faces an overwhelming amount of information and multitasks, is not an imaginary sandcastle.

We recently introduced labs, a new and pioneering space in the 1Password apps that lets customers opt in to test experimental features.

The ability for your SIEM to ingest data at scale is critical, especially in a world where threats target a vast array of attack surfaces. Ensuring full visibility of all log data is paramount, and you need a SIEM that can ingest any event, in any format, to effectively hunt for threats. Remember, you can’t secure what you can’t see. Whether you’re taking a close look at your current solution or evaluating new potential vendors, here’s what to consider around SIEM data ingestion.

Protecting sensitive data and other assets requires an organization to be adaptable and stay informed on things like the digital landscape and threat trends. While some aspects of security are within an organization’s control, it can be extremely difficult to manage all of the risks and vulnerabilities that are likely to arise. Security configuration management (SCM) is one way to take control of many of the facets of cybersecurity that are often overlooked or difficult to handle.

In the ever-evolving landscape of cybersecurity, the collaborative effort between the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) in issuing five joint Cybersecurity Information Sheets (CSIs) marks a significant milestone in guiding organizations towards secure cloud adoption. These documents serve as a testament to the critical nature of securing cloud services in an era where digital transformation is not just an option, but a necessity.