Open source libraries and frameworks are a great way to jump-start development projects. Open source empowers developers to do some great things without reinventing the wheel and developing solutions for problems that have already been solved. However, adding any code to a project carries an inherent risk of introducing potential vulnerabilities that may have made their way into it through error or malice.
Splunk SURGe recently released a whitepaper, blog and video that outline the encryption speeds of 10 different ransomware families. The outcome of this research was that it is unlikely that a defender will be able to do anything once the encryption has started. Ransomware today is also mostly “human-operated”, where many systems are sought out and compromised before any encryption activities occur and, once they do, the encryption is just too fast for a defender to meaningfully affect the damage done.
Keeping up with ever-changing regulatory requirements for cybersecurity can prove difficult for many organizations, which may unknowingly become non-compliant if they fail to adapt to new laws and regulations. Healthcare organizations and financial services must be even more vigilant with compliance. Both sectors are subject to even stricter requirements due to the large quantities of personally identifiable information (PII) they manage.
Arriving at the keynote hall for Black Hat 2022, I was immediately struck by the size of the crowd – after the seemingly endless pandemic hiatus, the cyber industry had come out in force. The mood was one of enthusiasm, and the entire place reverberated with the vibrancy of reunion. It was a great event for the industry – and for HelpSystems – and a few things stuck out.
According to our most recent State of Software Security Report, the financial services industry has fewer security flaws in its applications than last year. Great news, right? That said, the reduction in security flaws isn’t as significant as we would hope to see. The financial services industry has traditionally been recognized for having the fewest security flaws.
Can you remember your first email? Either sending one, or receiving it? I certainly remember explaining to people what email was, and I also remember someone telling me they could live without their email server for “about a month before it becomes a problem”. Can you imagine that now? A month without email?
In recent times, the widespread use of cloud services has become common for most organizations. While many organizations now enjoy the savings and convenience afforded by hosting their data and services on cloud platforms, this shift towards the cloud brings with it an increased vulnerability to data theft and cyberattacks.
Organizations should implement consistent cybersecurity practices to protect their businesses and employees. Password sharing is a common but risky practice in many workplaces that can leave companies vulnerable to a data breach. Sharing passwords is sometimes unavoidable in the workplace, since many businesses often need multiple employees to access a single user account.