Enterprises are more dependent than ever on open source software and need to manage the risk posed by vulnerabilities in components and third-party vendors.

from Dark Reading https://ift.tt/2YBhCKU
via IFTTT

The Great Resignation is upon us, and insider IP theft is surging as a result. But it is a solvable problem.

from Dark Reading https://ift.tt/3EYHxMe
via IFTTT

When the drive for additional visibility and awareness is led by the business rather than just a SOC team, both the business and security can benefit.

from Dark Reading https://ift.tt/3D9inK7
via IFTTT

The Dependency Combobulator is an open source Python-based toolkit that helps developers discover malicious software components that may have accidentally been added to their projects.

from Dark Reading https://ift.tt/3bX7QWJ
via IFTTT

Russian-speaking “Void Balaur” group’s victims include politicians, dissidents, human rights activists, doctors, and journalists, security vendor discloses at Black Hat Europe 2021.

from Dark Reading https://ift.tt/3HaemHM
via IFTTT

Companies are relying more heavily on third parties, remote employees, and partners, expanding their attack surface area beyond traditional boundaries.

from Dark Reading https://ift.tt/3knVgUM
via IFTTT

Wiz researchers who discovered a severe flaw in the Azure Cosmos DB database discussed the full extent of the vulnerability at Black Hat Europe.

from Dark Reading https://ift.tt/3kmARzp
via IFTTT

Threat is spreading widely via spam campaigns, infecting systems with a new malware loader.

from Dark Reading https://ift.tt/2YzLU0J
via IFTTT

Russian cybercrime group known as T505 is targeting SolarWinds Server-U systems that haven’t been patched for a remote code execution vulnerability fixed this summer.

from Dark Reading https://ift.tt/3kmEuWo
via IFTTT

One size won’t fit all as we try to reconcile the need to demonstrate expertise and value with keeping clients and researchers safe.

from Dark Reading https://ift.tt/3F1MVy6
via IFTTT