News
-
Codenotary adds vulnerability scanning to its repertoire
Codenotary, a software supply chain security provider, has announced new features to its cloud offering, including built-in vulnerability scanning. With the addition of scanning, the company’s cloud solution can provide end-to-end protection for a supply chain, from checking for vulnerabilities to ensuring the provenance of software artifacts. According to the company, Codenotary Cloud, which was…
-
NCSC Launches Awareness Campaign to Strengthen Password Practices
The campaign recommends using passwords containing three random words and enabling two-factor authentication Read More
-
Cyclops Blink Malware Expands to Target Asus
Researchers warn that large-scale campaign may be building Read More
-
Aircraft Disrupted by Satellite Jamming Following Russian Invasion
EU issues urgent bulletin for aviation companies and authorities Read More
-
Cloud-Based Email Threats Surge 50% in 2021
Drop in ransomware and BEC indicates more targeted attacks Read More
-
MITRE and partners build insider threat knowledge base
Is the time right for a unified lexicon of known tactics, techniques and procedures (TTP) used by insiders who opt to break trust with their employers? MITRE thinks so and has positioned itself to serve as the locus for insider threat knowledge. In mid-February, MITRE Engenuity’s Center for Threat Informed Defense, supported by a phalanx…
-
Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware
Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming…
-
Fortress creates center for security information on energy suppliers
A new library designed to be a centralized source of security information and communication for energy company suppliers was announced Tuesday by Fortress Information Security. The Asset to Vendor Library Trust Center is a project of Fortress, American Electric Power and Southern Company, and offers a way for suppliers to connect with their customers and…
-
CIS Completes SOC 2 Type II Audit Using CIS Best Practices
CIS’s SOC 2 Type II compliance ensures members’ data and associated information is protected at all times with all compliance requirements. Read More
-
Deepfence revamps ThreatMapper with new scanner, runtime SBOMs
Deepfence, a security observability and protection company, is releasing ThreatMapper 1.3.0, the latest version of its open-source threat intelligence platform, with two new features — a secret-scanning tool and runtime SBOM (software bill of materials). The latest version of the software will feature a new open-source scanning tool, SecretScanner, which can be accessed through the…