Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

SPHERE Receives $31M for Series B Funding From Edison Partners, Forgepoint Capital

New investment will accelerate growth and expansion of SaaS identity-hygiene platform.

DARKReading
#ios#git#intel
API Secrets: Where the Bearer Model Breaks Down

Current authentication methods are based on the bearer model, but lack of visibility into the entities leveraging API secrets has made this untenable.

The Evolution of Business Email Compromise

The simplicity and profitability of these attacks continue to appeal to threat actors a decade later.

Critical Quarkus Flaw Threatens Cloud Developers With Easy RCE

Red Hat has issued patches for a bug in an open source Java virtual machine software that opens the door to drive-by localhost attacks. Patch now, as it's easy for cyberattackers to exploit.

Identity Digital Releases Its First DNS Anti-Abuse Report

The quarterly report, made possible by its Dynamic Defense™ service, demonstrates significant progress in mitigating domain abuse among its top-level domains (TLDs).

CyberRatings.org Revives NSS Labs Research

The NSS Labs archive, available with free registration, consists of over 800 test reports, analyst briefs, and research published by NSS Labs from 2013 — 2020.

Connect the Dots with Genetic Algorithms on CNAPP

Cloud-native application protection platforms can apply machine-learning algorithms on cloud data to identify accounts with abnormal permissions and uncover potential threats.

Microsoft Defender Gets New Security Protections

The new Microsoft Defender for Endpoint capabilities include built-in protection and scanning network traffic for malicious activity.

How to Use Cyber Deception to Counter an Evolving and Advanced Threat Landscape

Organizations must be prepared to root out bad actors by any means possible, even if it means setting traps and stringing lures.