π΄ Synopsys: Why Security-Minded Companies Are Transitioning to DevSecOps π΄
π Read
via "Dark Reading: ".
π Read
via "Dark Reading: ".
Dark Reading
Synopsys: Why Security-Minded Companies Are Transitioning to DevSecOps
SPONSORED: For too long, developers have had to weigh the tradeoffs between software security and feature development. But as DevSecOps continues to gain momentum over application security, organizations realize that adopting security in software developmentβ¦
π Engineer Behind Google, Uber Trade Secret Theft Case Sentenced π
π Read
via "Subscriber Blog RSS Feed ".
Anthony Levandowski, the former Google engineer, was sentenced this week, four months after he plead guilty to stealing Google's trade secrets.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Engineer Behind Google, Uber Trade Secret Theft Case Sentenced
Anthony Levandowski, the former Google engineer, was sentenced this week, four months after he plead guilty to stealing Google's trade secrets.
ATENTIONβΌ New - CVE-2020-15106
π Read
via "National Vulnerability Database".
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.π Read
via "National Vulnerability Database".
β Black Hat 2020: Scaling Mail-In Voting Spawns Broad Challenges β
π Read
via "Threatpost".
Voting Village security celeb Matt Blaze delves into the logistics of scaling up mail-in voting ahead of November's election.π Read
via "Threatpost".
Threat Post
Black Hat 2020: Scaling Mail-In Voting Spawns Broad Challenges
Voting Village security celeb Matt Blaze delves into the logistics of scaling up mail-in voting ahead of November's election.
π΄ Voatz Delivers Multilayered Security to Protect Electronic Voting π΄
π Read
via "Dark Reading: ".
SPONSORED CONTENT: While electronic voting has been plagued by fears of tampering or fraud, Voatz is looking to make the process more transparent and auditable, according to company founder Nimit Sawhney. He offers learning points from three recent pilots that highlight how governments can improve the integrity and better protect the voting process and its data.π Read
via "Dark Reading: ".
Dark Reading
Voatz Delivers Multilayered Security to Protect Electronic Voting
SPONSORED CONTENT: While electronic voting has been plagued by fears of tampering or fraud, Voatz is looking to make the process more transparent and auditable, according to company founder Nimit Sawhney. He offers learning points from three recent pilotsβ¦
π΄ Pen Testers Share the Inside Story of Their Arrest and Exoneration π΄
π Read
via "Dark Reading: ".
Coalfire's Gary De Mercurio and Justin Wynn share the inside story of their infamous arrest last year while conducting a contracted red-team engagement in an Iowa courthouse -- and what it took to clear their names.π Read
via "Dark Reading: ".
Dark Reading
Pen Testers Share the Inside Story of Their Arrest and Exoneration
Coalfire's Gary De Mercurio and Justin Wynn share the inside story of their infamous arrest last year while conducting a contracted red team engagement in an Iowa courthouse - and what it took to clear their names.
π΄ SynerComm Reboots a Security Staple with 'Continuous' Pen Testing π΄
π Read
via "Dark Reading: ".
SPONSORED CONTENT: Penetration testing has evolved well beyond a couple guys you hire to try and break into your network, according to SynerComm's Brian Judd. In addition to a service that offers round-the-clock pen testing, SynerComm also provides purple team testing, effectively splitting the difference with red- and blue-team exercises.π Read
via "Dark Reading: ".
Dark Reading
SynerComm Reboots a Security Staple with 'Continuous' Pen Testing
SPONSORED CONTENT: Penetration testing has evolved well beyond a couple guys you hire to try and break into your network, according to SynerComm's Brian Judd. In addition to a service that offers round-the-clock pen testing, SynerComm also provides purpleβ¦
π΄ What to Tell Young People of Color About InfoSec Careers π΄
π Read
via "Dark Reading: ".
CEO and founder of Revolution Cyber Juliet Okafor and Baker Hughes Director of Global OT Security Programs Paul Brager talk about the unique lessons and hard truths they provide when mentoring young black cybersecurity professionals.π Read
via "Dark Reading: ".
Dark Reading
What to Tell Young People of Color About InfoSec Careers
CEO and founder of Revolution Cyber Juliet Okafor and Baker Hughes Director of Global OT Security Programs Paul Brager talk about the unique lessons and hard truths they provide when mentoring young black cybersecurity professionals.
β Twitter Fixes High-Severity Flaw Affecting Android Users β
π Read
via "Threatpost".
A vulnerability in Twitter for Android could have allowed attackers to access private direct messages (DMs) and other data.π Read
via "Threatpost".
Threat Post
Twitter Fixes High-Severity Flaw Affecting Android Users
A vulnerability in Twitter for Android could have allowed attackers to access private direct messages (DMs) and other data.
π΄ Developing Community for Woman Infosec Pros in India π΄
π Read
via "Dark Reading: ".
Vandana Verma tells us how women in India are finding support, education and love of cybersecurity through the growing InfosecGirls community.π Read
via "Dark Reading: ".
Dark Reading
Developing Community for Woman Infosec Pros in India
Vandana Verma tells us how women in India are finding support, education and love of cybersecurity through the growing InfosecGirls community.
π΄ Supporting Women in InfoSec π΄
π Read
via "Dark Reading: ".
Maxine Holt, research director from Omdia, explains why the time is right for women to step into more cybersecurity jobs now.π Read
via "Dark Reading: ".
Dark Reading
Supporting Women in InfoSec
Maxine Holt, research director from Omdia, explains why the time is right for women to step into more cybersecurity jobs now.
ATENTIONβΌ New - CVE-2020-13404
π Read
via "National Vulnerability Database".
The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection.π Read
via "National Vulnerability Database".
β Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers β
π Read
via "Threatpost".
Voting machine technology seller Election Systems & Software (ES&S) offered an olive branch to security researchers with new safe harbor terms and vulnerability disclosure policies at Black Hat USA 2020.π Read
via "Threatpost".
Threat Post
Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers
Voting machine technology seller Election Systems & Software (ES&S) offered an olive branch to security researchers with new safe harbor terms and vulnerability disclosure policies at Black Hat USA 2020.
β Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs β
π Read
via "Threatpost".
The groups, all tied to the Winnti supply-chain specialist gang, were seen using the same Linux rootkit and backdoor combo.π Read
via "Threatpost".
Threat Post
Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs
The groups, all tied to the Winnti supply-chain specialist gang, were seen using the same Linux rootkit and backdoor combo.
π΄ Tales from the Trenches Show Security Issues Endemic to Healthcare π΄
π Read
via "Dark Reading: ".
The CISO for Indiana University Health says simple policies, good communication, and strong authentication go much further than vendor tools in solving security problems.π Read
via "Dark Reading: ".
Dark Reading
Tales from the Trenches Show Security Issues Endemic to Healthcare
The CISO for Indiana University Health says simple policies, good communication, and strong authentication go much further than vendor tools in solving security problems.
π΄ What A Security Engineer & Software Engineer Learned By Swapping Roles π΄
π Read
via "Dark Reading: ".
A security engineer and infrastructure engineer with Salesforce share lessons learned from their professional role reversal, and advice for people on both teams.π Read
via "Dark Reading: ".
Dark Reading
What A Security Engineer & Software Engineer Learned By Swapping Roles
A security engineer and infrastructure engineer with Salesforce share lessons learned from their professional role reversal, and advice for people on both teams.
π΅ UK retail giant Monsoon has critical vulnerability giving unauthorized access to internal company servers π΅
π Read
via "VPNpro".
π Read
via "VPNpro".
VPNpro
UK Retail Giant Monsoon Has Vulnerability Exposing Sensitive Data
Report: Monsoon Accessorize uses an insecure version of Pulse Connect Secure VPN, exposing records of company and customer data. Read to learn more.
β U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling β
π Read
via "Threatpost".
Government hopes to avoid interference in the upcoming November presidential vote with a hefty reward.π Read
via "Threatpost".
Threat Post
U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling
Government hopes to avoid interference in the upcoming November presidential vote with a hefty reward.
β Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits β
π Read
via "Threatpost".
Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets.π Read
via "Threatpost".
Threat Post
Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits
Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets.