A new survey by Cisco and Enterprise Strategy Group reveals the true contours of cloud native application development and security The pressure to drive revenue, increase growth, and boost productivity is pushing organizations to embrace cloud native applications. In many organizations, security is an afterthought in the development process, which can lead to vulnerabilities … [Read more...] about The State of Cloud Security Platforms and DevSecOps
State
State of Wyoming Looks to Expand CrowdStrike Protections Statewide
With its wild beauty, favorable tax laws and growing tech scene, the State of Wyoming is experiencing a surge in business growth. But with this prosperity comes a rise in cyber risk due to the expanding commerce platforms and digital infrastructure needed to support it. “We’ve had several large tech companies relocate to Wyoming recently,” explained Jason Strohbehn, Deputy CISO … [Read more...] about State of Wyoming Looks to Expand CrowdStrike Protections Statewide
Key Findings from the CrowdStrike 2024 State of Application Security Report
As organizations shift their applications and operations to the cloud and increasingly drive revenues through software, cloud-native applications and APIs have emerged among the greatest areas of modern security risk. According to publicly available data, eight of the top 10 data breaches of 2023 were related to application attack surfaces.1 These eight breaches alone exposed … [Read more...] about Key Findings from the CrowdStrike 2024 State of Application Security Report
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
Oct 25, 2023NewsroomThreat Intelligence / Vulnerability The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security researcher Matthieu Faou … [Read more...] about Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
What’s the State of Credential theft in 2023?
Aug 16, 2023The Hacker News At a little overt halfway through 2023, credential theft is still a major thorn in the side of IT teams. The heart of the problem is the value of data to cybercriminals and the evolution of the techniques they use to get hold of it. The 2023 Verizon Data Breach Investigations Report (DBIR) revealed that 83% of breaches involved external actors, … [Read more...] about What’s the State of Credential theft in 2023?
Improving citizen experience with generative AI: Navigating a new era for state and local government
Last week, I wanted to find out the process for my fifteen year old daughter to get her first driver's license. Sounds simple enough. However, I ended up spending a good portion of my weekend searching for definitive answers — navigating multiple websites, without the option of asking a real, live person. In the very near future, I'll simply be able to ask a chatbot. The … [Read more...] about Improving citizen experience with generative AI: Navigating a new era for state and local government
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
Feb 08, 2023Ravie LakshmananThreat Intelligence / Cyber War The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with the agency … [Read more...] about CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
New U.S. State Data Privacy Laws in 2022
Many countries around the world recognized Data Protection Day in January — a day that highlights the importance of protecting individual privacy and data against misuse. The U.S. celebrated Data Privacy Day, where privacy and security have often been seen as two separate issues. This is evidenced by the way law has historically developed. At the federal level, Congress has … [Read more...] about New U.S. State Data Privacy Laws in 2022
Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats
Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues … [Read more...] about Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats
Gem State University Saves a Small Fortune on TCO With Humio
This blog was originally published on humio.com. Humio is a CrowdStrike Company. Overview The University of Idaho uses Humio to ingest and analyze network security log data at scale. Humio provides incredible cost-savings compared to their previous logging solution, helping the university increase security insights, streamline incident detection and response efforts, and reduce … [Read more...] about Gem State University Saves a Small Fortune on TCO With Humio