Please turn on your JavaScript for this page to function normally.
eavesdropping
Mobile stalkerware is on the rise

Mobile stalkerware, which is software silently installed by stalkers onto victims’ mobile devices without their knowledge, is on the rise, an ESET research finds. In 2019, …

Code
The basics of security code review

With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …

ransomware
How to deal with ransomware attacks

Used in cyberattacks that can paralyze organizations, ransomware is malicious software that encrypts a computer system’s data and demands payment to restore access. To help …

editor
Commercial third party code creating security blind spots

Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security, a VDC Research …

containers
3 areas of implicitly trusted infrastructure that can lead to supply chain compromises

The SolarWinds compromise in December 2020 and the ensuing investigation into their build services put a spotlight on supply chain attacks. This has generated a renewed …

Salesforce
Acting on a security risk assessment of your organization’s use of Salesforce

Salesforce isn’t rocket science, but the software has an incredible array of tools, which is why securing it demands a unique (and sometimes complex) approach. If you’re …

Kubestriker
Kubestriker: A security auditing tool for Kubernetes clusters

Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services …

PCI
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation

Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and …

hands
Solve evolving enterprise issues with GRC technology

For this interview, we sat down with Blake Brannon, CTO at OneTrust, to discuss governance, risk management, and compliance (GRC). More than 8,000 customers, including half of …

shield
Research directions in cybersecurity to support a digital strategic autonomy

Resilience, technological sovereignty and leadership are essential for the EU and as such, they are addressed by the EU Cybersecurity Strategy. In an effort to support this …

SniperPhish
SniperPhish: An all-in-one open-source phishing toolkit

SniperPhish is an all-in-one open-source phishing toolkit that pentesters and other security professionals can use for setting up and executing email and web-based spear …

Cloud
Cloud Sniper: Manage and automate cloud security operations

Cloud Sniper is an open-source platform for managing cloud security operations that aims to make it easy for cloud teams to deal with security incidents. “One of our …

Don't miss

Cybersecurity news