%term

Four Reasons Vulnerabilities Remain Persistent

Feb 8, 2023 By Arctic Wolf In Arctic Wolf

Vulnerabilities cause the majority of cybercrime. There are always new vulnerabilities appearing as software gets updated and as cyber criminals work behind the scenes to find new backdoors to organizations’ systems. In the first half of 2022 alone, 81% of incidents happened through an external exposure — either a known vulnerability or a remote desktop protocol. The sheer volume of vulnerabilities grew again in 2022, with over 25,000 recorded, and over 800 have been actively exploited.

Read Post

Arctic Wolf

Read more about Four Reasons Vulnerabilities Remain Persistent

Snyk and Atlassian deepen partnership with Snyk security in Jira Software

Feb 8, 2023 By Sarah Conway In Snyk

Our long-standing partnership with Atlassian is built on our mutual commitment to providing a great developer experience. It started with our native integration within the Bitbucket Cloud UI, and today we’re incredibly excited to announce yet another new door opening in our partnership. The new Snyk integration for Jira Software will bring security and collaboration to Atlassian users at every stage of the development lifecycle.

Read Post

Snyk

Read more about Snyk and Atlassian deepen partnership with Snyk security in Jira Software

Explanation of Zero-Day in 3 seconds!

Feb 8, 2023 By Indusface In Indusface

In this session, John Goecke (CEO) discusses with Venky how everything changed for StratusVue after a ransomware attack in 2018. He shares how the construction industry is a soft target as there is no regulatory oversight, unlike in banking and healthcare, and security is always an afterthought for business owners. Along with all this, he explains complex terms like zero-day, zero-trust, FedRAMP, etc., in a highly rudimentary way.

View Video

Indusface

Read more about Explanation of Zero-Day in 3 seconds!

How Does Indiaassetz use AWS & Snyk?: Securing Cloud & Apps With a Developer-First Approach

Feb 8, 2023 By Snyk In Snyk

Vinay Khot, CTO at Indiassetz shares how easy it is to use Snyk and AWS to secure the cloud and applications. This video also provides a quick demo by Kartik Dedhia, Sr. Sales Engineer from Snyk.

View Video

Snyk

Read more about How Does Indiaassetz use AWS & Snyk?: Securing Cloud & Apps With a Developer-First Approach

How to Identify and Prevent the Top Software Vulnerabilities in 2023?

Feb 8, 2023 By SignMyCode In SignMyCode

Software is an intricate part of our lives, with its presence in nearly every device and aspect of technology. However, the software can also be vulnerable to malicious threats, given that the code within it can contain flaws. As a result, software vulnerability has been on the rise over the years and is likely to continue increasing in 2023. Organizations and businesses alike need to remain proactive about their security measures when it comes to their systems, software, and data management.

Read Post

SignMyCode

Read more about How to Identify and Prevent the Top Software Vulnerabilities in 2023?

OpenSSH Pre-Auth Double Free CVE-2023-25136 - Writeup and Proof-of-Concept

Feb 8, 2023 By Yair Mizrahi In JFrog

OpenSSH’s newly released version 9.2p1 contains a fix for a double-free vulnerability. Given the severe potential impact of the vulnerability on OpenSSH servers (DoS/RCE) and its high popularity in the industry, this security fix prompted the JFrog Security Research team to investigate the vulnerability. This blog post provides details on the vulnerability, who is affected, and a proof-of-concept to trigger it causing a Denial of Service (DoS).

Read Post

JFrog

Read more about OpenSSH Pre-Auth Double Free CVE-2023-25136 - Writeup and Proof-of-Concept

Money Lover App Vulnerability Exposes Personal Info

Feb 7, 2023 By Trustwave In Trustwave

An information disclosure vulnerability has been identified in Money Lover, a finance tracking application created by Finsify and available on Android, iOS, Microsoft Store, with a web interface. This vulnerability allows any authenticated user to view live transactions related to shared wallets.

Read Post

Trustwave

Read more about Money Lover App Vulnerability Exposes Personal Info

The 443 Episode 228 - What is CVSS?

Feb 7, 2023 By WatchGuard In WatchGuard

This week on the podcast we cover the Common Vulnerability Scoring System (CVSS) including how it works and some of its limitations. Before that though, we discuss a recent survey on the risks of ChatGPT's usage in cyberattacks and the latest activity from Lazarus, the North Korean government hacking operation. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

View Video

WatchGuard

Read more about The 443 Episode 228 - What is CVSS?

Automate Cloud compliance with Snyk Cloud

Feb 7, 2023 By Lauren Place In Snyk

Audits are challenging. Especially when it comes to assessing abstract compliance standards against multiple cloud environments, unique cloud infrastructure setups, and many possible (mis)configurations. To help our customers automate compliance assessments, Snyk Cloud now supports 10+ compliance standards— including CIS Benchmarks for AWS, Azure, and Google Cloud, SOC 2, PCI DSS, ISO 27001, HIPAA, and more.

Read Post

Snyk

Read more about Automate Cloud compliance with Snyk Cloud

Snyk Integrations 101

Feb 7, 2023 By Snyk In Snyk

Do you want to learn about key initial integrations when getting started with Snyk? Watch this recording where Shawn Miller and Jim Jones cover Integrations 101.

View Video