Modern applications are designed to process, use and store vast amounts of sensitive data. As adversaries seek to infiltrate these applications, IT and security teams must ensure the software they use has the strongest possible security. The first step to implementing strong application security is understanding the type of application you need to protect. The two types of … [Read more...] about Securing Custom-Developed vs. Commercial Off-the-Shelf Software
software
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
Oct 27, 2023NewsroomCyber Attack / Malware The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and … [Read more...] about N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
Oct 25, 2023NewsroomThreat Intelligence / Vulnerability The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security researcher Matthieu Faou … [Read more...] about Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
Women in tech: How Angela Chuang’s childhood sparked her dream of becoming a software engineer
As a young girl, Angela Chuang accompanied her father to the bookstore where they would browse books on software engineering together. He started his own business in software engineering and served as an inspiration to her. Later, she followed in his footsteps and became a software engineer herself. “I admire his self-motivation and diligence, which make him a role model in my … [Read more...] about Women in tech: How Angela Chuang’s childhood sparked her dream of becoming a software engineer
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Sep 20, 2023THNNetwork Security / Vulnerability Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following responsible disclosure on … [Read more...] about Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Comparing Six Top Observability Software Platforms
When it comes to observability, your organization will have no shortage of options for tools and platforms. Between open source software and proprietary vendors, you should be able to find the right tools to fit your use case, budget and IT infrastructure.Observability should be cost-efficient, easy to implement and customers should be provided with the best support possible. … [Read more...] about Comparing Six Top Observability Software Platforms
Women in Tech: Stephanie Harris explains how she switched careers from musician to software engineer
Stephanie Harris has always had an interest in computers, but her initial career path started out in a different direction. Now, she’s a Senior Software Engineer at Elastic. Since she was young, Stephanie says she’s always had the ability to take confusing concepts and make them “make sense,” a skill that helped her on her winding path which eventually led her to Elastic. While … [Read more...] about Women in Tech: Stephanie Harris explains how she switched careers from musician to software engineer
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
Jul 07, 2023Swati KhandelwalVulnerability / Cyber Threat Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities. The identified SQL injection vulnerability, tagged as … [Read more...] about Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
The power of effective log management in software development and operations
,The rapid software development process that exists today requires an expanding and complex infrastructure and application components, and the job of operations and development teams is ever growing and multifaceted. Observability, which helps manage and analyze telemetry data, is the key to ensuring the performance and reliability of your applications and infrastructure. In … [Read more...] about The power of effective log management in software development and operations
Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access
Apr 18, 2023Ravie LakshmananCyber Threat / Malware The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has revealed the adversary's … [Read more...] about Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access