Distinguishing real, business-critical application risks is more challenging than ever. A siloed, ad hoc approach to AppSec generates noisy false positives that overwhelm under-resourced security teams. You need a... Read more »

Microsoft’s December 2023 Patch Tuesday is a light one: 33 patches, only four of which are deemed critical. “This month, Microsoft did not patch any zero-day vulnerabilities, marking only... Read more »

DataDome announced it is taking its bot protection offerings to a whole new level by enabling a new challenge response for customers, called Device Check. This invisible challenge works... Read more »

Censys announced two new product tiers of its search tool, Censys Search Solo and Censys Search Teams. These additions are part of a series of strategic initiatives to enhance... Read more »

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D programming language). “This campaign consists of continued... Read more »

Calamu announced expanded support for enterprise applications through interoperability of a Calamu Data Harbor with the industry recognized S3-API protocol in the latest release of their flagship product, Calamu... Read more »

Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. “The tone and content of the emails suggest to the recipient the... Read more »

BT and Netskope announced a partnership to bring Netskope’s Security Service Edge (SSE) capabilities to BT’s global customers. The partnership follows a number of large customer implementations where the... Read more »

SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread... Read more »