Linux Glibc Security Fix Created a Nastier Linux Bug
A fix that was made in early June to the GNU C Library (glibc) introduced a new and nastier problem. Steven J. Vaughan-Nichols writes via ZDNet: The first problem wasn't that bad. As Siddhesh Poyarekar, a Red Hat principal software engineer wrote, "I.....»»
Establishing a security baseline for open source projects
In this Help Net Security interview, Dana Wang, Chief Architect at OpenSSF, discusses the most significant barriers to improving open-source software security (OSS security) and opportunities for overcoming these challenges. The OpenSSF community has.....»»
Security Bite: Apple updates Platform Security guide with first-ever details on App Store security, BlastDoor, more
Apple this week updated its Platform Security guide, which contains in-depth technical information on security features implemented in its products. First released in 2015, the latest update adds six new topics, including first-ever details on BlastD.....»»
Get this Awesome Deal on Blink’s 4th Gen Cam with $120 Off!
This offer packs three cameras into one bundle. The post Get this Awesome Deal on Blink’s 4th Gen Cam with $120 Off! appeared first on Phandroid. For buyers after a reliable home surveillance and security solution, Blink’s wide.....»»
New infosec products of the week: May 10, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Abnormal Security, AuditBoard, Cranium, Datadog, Eclypsium, ExtraHop, Forcepoint, SentinelOne, Splunk, Sumo Logic, and Trellix. AuditBoard enhances InfoSec S.....»»
GenAI enables cybersecurity leaders to hire more entry-level talent
93% of security leaders said public GenAI was in use across their respective organizations, and 91% reported using GenAI specifically for cybersecurity operations, according to Splunk. A total of 1,650 security leaders participated in the global surv.....»»
Nmap 7.95 released: New OS and service detection signatures
Nmap is a free, open-source tool for network discovery and security auditing. It’s valued by systems and network administrators for network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap identifies av.....»»
How secure is the “Password Protection” on your files and drives?
People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate security against prying eyes. However, simple password protection on a PDF or Exc.....»»
Apple apologizes for ad that crushes the sum total of human artistic endeavor
An ad that isn’t about generative AI but somehow manages to be about AI anyway. Enlarge / One of many human-created objects destroyed in Apple's "Crush!" ad for the iPad Pro. (credit: Apple) Earlier this week, Apple to.....»»
Dive into app & game development with new "Apple Pathways" hub
Apple has created a new web page that acts as a hub for the various paths to developing apps for its platforms with various resources and guides.Dive into app & game development through new 'Apple Pathways' hubCalled "Apple Pathways," it provides an.....»»
Security flaws in BIG-IP system could have put entire networks at risk
F5 released mitigations and a patch for two high-risk flaws......»»
Zscaler swats claims of a significant breach
On Wednesday, a threat actor named “InteIBroker” put up for sale “access to one of the largest cyber security companies” and immediately ignited speculation about which company it might be. InteIBroker claims to have access to.....»»
Skyhigh Security boosts data protection measures with AI innovations
Skyhigh Security announced strategic additions to its Security Service Edge (SSE) portfolio. In response to an evolving cyber threat landscape and new data security challenges, these new innovations will empower organizations to seamlessly adopt zero.....»»
BigID equips security teams with AI-guided data security and risk remediation recommendations
BigID announced the introduction of AI-guided data security and risk remediation recommendations. These new capabilities empower security teams to eliminate guesswork and more proactively address security risks to improve their overall security postu.....»»
Secureworks Taegis NDR identifies malicious activity on the network
Secureworks released Secureworks Taegis NDR, to stop nefarious threat actors from traversing the network. The dominance of cloud applications and remote working has created an explosion in network traffic, up over 20% from 2023 to 20241. Adversaries.....»»
CISA starts CVE “vulnrichment” program
The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created by NIST National Vulnerability Database’s recent slowdown. NVD is fai.....»»
Most Watched Netflix Shows in Ireland
Netflix has been notoriously secretive about its viewership for years. However, after a few years of releasing statistics for some of its programming, Netflix created a website in mid-November that posted charts... The post Most Watched Netflix Shows.....»»
Regulators are coming for IoT device security
Cybersecurity is a relatively new challenge for many IoT device makers who have traditionally produced non-connected devices. These devices were less vulnerable to exploitation and, as a result, manufacturers often lack the expertise and experience n.....»»
Why SMBs are facing significant security, business risks
In this Help Net Security video, Alex Cox, Director of Threat Intelligence at LastPass, discusses how human factors are getting in the way while SMB leaders report investing more time, attention, and budget in cybersecurity. According to LastPass, th.....»»
Global ransomware crisis worsens
Ransomware and extortion incidents surged by 67% in 2023, according to NTT Security Holdings’ 2024 Global Threat Intelligence Report. Global ransomware crisis After a down year in 2022, ransomware and extortion incidents increased in 2023. More.....»»
3 CIS resources to help you drive your cloud cybersecurity
In the process of moving to the cloud, you need a security-first cloud migration strategy that considers both your security and compliance requirements upfront. In this article, we’ll discuss how you can use resources from the Center for Internet S.....»»