Why Log4j Mitigation Is Fraught With Challenges
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an…
Meta Expands Bug-Bounty Program to Include Data Scraping
Scraping bugs and scraped databases are two new areas of research for the company's bug-bounty and data-bounty programs.
Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors
Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability,…
Source Code Leaks: The Real Problem Nobody Is Paying Attention To
Source code is a corporate asset like any other, which makes it an attractive target for hackers.
Bug-Bounty Programs Shift Focus to Most Critical Flaws
The number of bug bounty programs jumped by a third, the median payout for a critical vulnerability report rose to…
Political cartoon of the day: Mixed messages
NEWYou can now listen to Fox News articles! next Image 1 of 309 Mixed messages...
Overcoming the Limitations of VPN, NAC, and Firewalls with Zero Trust Access
During 2020 and 2021, we’ve seen ransomware-as-a-service wreak havoc in the IT supply chain and critical infrastructure. Below […] The…
How Threat Actors Get Into OT Systems
The convergence and integration of OT and IT has resulted in a growing number of cyber-risks for critical infrastructure. Here…
Bug Bounties Surge as Firms Compete for Talent
Companies such as GItLab, which today increased its payment for critical bugs by 75%, are raising bounties and bonuses to…
Addressing the Low-Code Security Elephant in the Room
The danger of anyone being able to spin up new applications is that few are thinking about security. Here's why…