Beyond Identity’s solution secures the software supply chain against insider threats and malicious attacks

Beyond Identity announced a solution that closes a critical vulnerability and secures the software supply chain against insider threats and malicious attacks. Beyond Identity’s new Secure DevOps product establishes a simple, secure, and automated way to confirm that all source code entering a corporate repository and processed by the continuous integration/continuous deployment (CI/CD) pipeline is […]

Continue Reading

Execs concerned about software supply chain security, but not taking action

Venafi announced survey results highlighting the challenges of improving software supply chain security. The survey evaluated the opinions of more than 1,000 IT and development professionals, including 193 executives with responsibility for both security and software development, and revealed a glaring disconnect between executive concern and executive action. While 94% of executives believe there should […]

Continue Reading

Protecting your company from fourth-party risk

In a world that is becoming ever more interconnected, organizations are learning firsthand that they are not only vulnerable to the adverse events that their vendors experience but also to the incidents that happen to those vendors’ vendors. Recent events such as the SolarWinds breach, Microsoft Exchange server attack and Fastly outage have revealed that […]

Continue Reading

Kaseya fixed two of the three Kaseya Unitrends zero-days found in July

Software firm Kaseya addressed Kaseya Unitrends zero-day vulnerabilities that were reported by security researchers at the Dutch Institute for Vulnerability Disclosure (DIVD). Kaseya released security updates address server-side Kaseya Unitrends zero-day vulnerabilities that were reported by security researchers at the Dutch Institute for Vulnerability Disclosure (DIVD). Kaseya Unitrends is a cloud-based enterprise solution that provides affordable, […]

Continue Reading

The destructive power of supply chain attacks and how to secure your code

In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques and how to build more secure apps. Here’s a transcript of the podcast for your convenience. Jasmine: I’m here today with Tomislav Peričin, Chief Software Architect with ReversingLabs, talking about the […]

Continue Reading

Beers with Talos, Ep. #108: Kaseya it ain't so

Beers with Talos (BWT) Podcast episode No. 108 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify  StitcherIf iTunes and Google Play aren’t your thing, click here. Who needed a summer vacation anyway? The whole Beers… [[ This is only the beginning! Please visit the blog for the complete entry ]] Source: […]

Continue Reading

AppOmni’s platform protects companies against cloud and SaaS breaches

From ransomware to data breaches, global cybersecurity incidents against organizations, governments, and individuals are on the rise. There have been a multitude of attacks over the past year, from SolarWinds and Kaseya to the Microsoft Exchange attack and the breach of Canadian plane manufacturer Bombardier. As the sophistication, complexity, and frequency of cybersecurity attacks continue […]

Continue Reading

DIVD discloses three new unpatched Kaseya Unitrends zero-days

Experts found three new zero-day flaws in the Kaseya Unitrends service and warn users to avoid exposing the service to the Internet. Security researchers warn of three new zero-day vulnerabilities in the Kaseya Unitrends service. The vulnerabilities include remote code execution and authenticated privilege escalation on the client-side. Kaseya Unitrends is a cloud-based enterprise solution […]

Continue Reading