To Secure DevOps, Security Teams Must be Agile
The evolution of agile development and infrastructure-as-code has given security teams the tools they need to gain visibility, find vulnerabilities…
Philips healthcare infomatics solution vulnerable to SQL injection
The Philips Tasy EMR, used by hundreds of hospitals as a medical record solution and healthcare management system, is vulnerable…
Mozilla Thunderbird 91.3 released to fix high impact flaws
Mozilla released Thunderbird 91.3 to fix several high-impact vulnerabilities that can cause a denial of service, spoof the origin, bypass…
How Is Zero Trust Different From Traditional Security?
Unlike traditional security approaches, the zero-trust security model verifies a user's identity each and every time they need specific system…
API Security Issues Hinder Application Delivery
A new survey explains why nearly all organizations experience API security problems to varying degrees.
Ripping Off the Blindfold: Illuminating OT Environments
A security tool that monitors OT devices can't disrupt operations. This is why the Self-Learning AI acts only on information…
US Offers $10M Reward For ID, Location of DarkSide Leadership
The State Department offers multimillion-dollar rewards for information related to the leaders and members involved in DarkSide ransomware.
CISA urges vendors to patch BrakTooth bugs after exploits release
Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip (SoC) security…
Cisco fixes hard-coded credentials and default SSH key issues
Cisco has released security updates to address critical security flaws allowing unauthenticated attackers to log in using hard-coded credentials or…
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware
A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk…