Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Surveillance is becoming an increasingly standard component of modern life, posing a threat to the idea that people have a right to privacy. In many situations, we unwittingly provide companies with information about our preferences, routines, and interests. In this age of digital era, you must not rely on evolving surveillance regulations and vendors to keep your personal information and security intact.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. A truly bizarre attack target. Could it have been a prelude to compromise/blackmail or were they practicing for another target? Curious…

In a world where software is ruling everything (well, almost everything), ensuring it is safe and tamper-proof becomes quite crucial. More so if you deal with software manufacturing and development. So are you in the software or application development business? If yes, you must know about all the safety-related concerns people have while using any application. To make sure your end-users are safe from any third party, it is important to sign all your codes digitally.

WebAuthn technology is pivotal to passwordless authentication. When implemented correctly, the specification makes it simple and secure to sign in to accounts without entering a traditional password.

Online safety is second nature for some — but it’s not easy for everyone to stay up to date with the latest security advice. Whether you use the internet to stay in touch with friends and family, play games, or meet new people, everyone needs to know how to stay safe online. October is Cybersecurity Awareness Month — so there’s no better time to brush up on online safety.

Schools and non-profits share the same problem when it comes to cybersecurity budgeting: limited resources which forces a choice between staff with the right expertise and effective tools that work for the organisation.

Previously published blog post: Recently, Arctic Wolf observed threat actors begin exploiting CVE-2022-40684, a critical remote authentication bypass vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager.

If you’re like me, you really appreciate a test automation step as part of your pull request (PR) CI for that added confidence before merging code. I want to show you how to add Playwright tests to your PRs and how to tie it all together with a GitHub Actions CI workflow.

On Tuesday, October 11th, 2022, Aruba disclosed three critical vulnerabilities impacting EdgeConnect Enterprise Orchestrator. The vulnerabilities, CVE-2022-37913, CVE-2022-37914, CVE-2022-37915, are remote code execution and authentication bypass vulnerabilities that could enable remote threat actors to compromise a host. In order for a threat actor to exploit these vulnerabilities, WAN access would need to be available for the CLI and/or web-based management interfaces.

Register Now Nearly every day, news articles showcase big-name companies that became victims of cyberattacks and the hundreds of millions of dollars of loss it will have on their business. These headlines should not be surprising when you look at the data. The number of ransomware detected in Q1 2022 alone was double that of the whole year of 2021.