Security firms Crowdstrike, Palo Alto Networks and Sailpoint are making acquisitions to bolster their product portfolios. Here's a rundown of the deals.
A remote code vulnerability in the Android version of the file-sharing app SHAREit could allow hackers to tamper with the app's permissions, enabling them to steal sensitive data, reports security firm Trend Micro.
The Biden administration is reviewing former President Donald Trump's policies addressing potential national security and cybersecurity concerns about Chinese-owned companies as it develops new plans for dealing with a wide range of issues tied to China.
French cybersecurity authorities are warning that widely used, open-source IT monitoring software called Centreon appears to have been hit by Russian hackers. But unlike the SolarWinds supply chain attack, in this campaign, attackers appear to have hacked outdated, unpatched versions of the software.
SAP has issued a patch and remediation advice for a critical remote code execution vulnerability in its SAP Commerce product that could, if exploited, disrupt the entire system.
Several data breaches stemming from unpatched vulnerabilities in Accellion's File Transfer Appliance have been revealed. What went wrong? Where does the fault lie? And what can organizations do about it?
With digital transformation come new applications and efficiencies in the cloud. But governance, visibility and access challenges also emerge. Hironori Yamashita of Imperva shares strategies for improving data governance and security in the cloud.
Drawing upon Imperva's own recent Cyber Threat Index findings, Reinhart Hansen, director of technology in the office of the CTO, talks about that latest application vulnerabilities and DDoS attack trends as we start 2021.
Digital innovation is the ultimate source of competitiveness and value creation for almost every type of business. The universal desire for faster innovation demands
efficient reuse of code, which in turn has led to a growing dependence on open source and thirdparty software libraries.
Download this whitepaper...
As users and applications become the risk focal point, there is no hard and fast perimeter security professionals can put a wall around. Consequently, application layers remain insufficiently secured. In fact, application layer attacks are now the most frequent pattern in confirmed breaches.
Download this guide and...
North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.
Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products. SonicWall is urging customers to apply temporary fixes to secure VPNs and gateways.
Cloud security trends like “shift-left security” and “DevSecOps” refer to new strategies and paradigms that help organizations keep workloads secure in the age of cloud-based, scale-out, constantly changing applications and infrastructure.
Many in IT, security, and development probably understand what these...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.