• Article

The 2021 threat landscape has become more crowded as new adversaries emerge according to the 2022 Global Threat Report released today by CrowdStrike.

CrowdStrike Intelligence is now tracking more than 170 adversaries in total with 21 added last year. Financially motivated eCrime activity continues to dominate with intrusions attributed to eCrime accounting for 49 percent of all observed activity.

Continue reading →

Developers reportedly see a 50 percent productivity boost when documentation is detailed and available in different formats, but previously if you wanted to include pictures and/or diagrams in Markdown files on GitHub, you had to do so by embedding an image.

From today, however, developers can now include diagrams and flowcharts generated using the popular markdown-like language Mermaid.

Continue reading →

The popularity of cloud is self-evident. A recent IDC report showed that spending on shared cloud infrastructure reached $13B in Q3 2021, an increase of 3.6 percent from Q3 2020. Additionally, according to IDC projections, cloud spending in 2021 is expected to have increase by 8.3 percent in 2021 compared to 2020. Cloud adoption of is no longer a competitive differentiator, particularly in the wake of the pandemic rush to digitization. 

Business success is in the details. Large transformation initiatives such as cloud may be appealing, but in today’s climate of digital parity, these projects may not deliver the return on cost and time invested which leaders desire. To stand out amongst competitors, business leaders need to shift their focus from complete digital transformation to smaller, more incremental evolution.

Continue reading →

Many large enterprises have legacy systems running on IBM Z-series mainframe platforms. In order to help digital transformation efforts and modernize apps across hybrid environments, Big Blue is announcing a series of new capabilities.

Plans include delivering IBM Z as-a-service on IBM Cloud for development and test, as well as introducing additional tools for developing hybrid applications.

Continue reading →

A new report based on data from more than 100 open source audit projects conducted in 2021 finds that companies are only aware of 17 percent of the open source components they use, an increase of just four percent in the past year.

The 2022 State of the Software Supply Chain Report from Revenera also shows that risks are increasing.

Continue reading →

Risk Based Security (RBS) has today released its 2021 Year End Vulnerability QuickView Report showing that a total of 28,695 vulnerabilities were disclosed last year.

This the highest number recorded to date. Now that the vulnerability disclosure landscape has moved past the COVID-19 pandemic, RBS predicts that the number of vulnerabilities disclosed will continue to rise year-on-year in future.

Continue reading →

Enterprises often turn to the cloud as a way of reducing their IT costs. But using the cloud by itself doesn't necessarily lead to savings, especially if there are no adequate controls in place.

We talked to Lenley Hensarling, chief strategy officer at real-time data platform Aerospike, to discover how the right management strategies can help rein in costs for public, private, hybrid, and multi-cloud deployments.

Continue reading →

Condoms are a great way to minimize the risk of both pregnancy and some sexually transmitted diseases. In fact, condoms have proven to be a solid defense against the spread of HIV -- the virus that leads to AIDS.

The question, however, is does the world need a condom emoji? According to the AIDS Healthcare Foundation, the answer is yes. You see, today, the AHF has chosen to launch a campaign to try and convince the The Unicode Consortium to add a proper condom emoji -- not just using the balloon ? emoji in conjunction with an eggplant ? or banana ?. Why launch the campaign today, though? Because February 13 is International Condom Day!

Continue reading →

With job vacancies currently outweighing the number of people available to fill them, a career in cybersecurity offers almost limitless opportunities. The 2021 Cybersecurity Workforce Study from (ISC)² estimated that there were 4.19 million cybersecurity professionals worldwide -- an increase of more than 700,000 from the year before.

While this illustrates an industry undergoing major growth, there remains a workforce gap of 2.72 million people which represents a very serious problem for organizations faced with a growing volume and sophistication of security threats.

Continue reading →

Artificial intelligence (AI) and machine learning (ML) seem to have piqued the interest of automated data collection providers. While web scraping has been around for some time, AI/ML implementations have appeared in the line of sight of providers only recently.

Aleksandras Šulženko, Product Owner at Oxylabs.io, who has been working with these solutions for several years, shares his insights on the importance of artificial intelligence, machine learning, and web scraping.

Continue reading →

The timeliness of security checks during the software testing process is critical to more rapid and higher quality software development and yielding higher returns. Yet DevOps and security have historically struggled to integrate in the software development life cycle (SDLC). According to a Gartner study, through 2022, 90 percent  of software development projects plan to follow DevSecOps practices, up from 40 percent  in 2019.

With the increased risks of cyberattacks and pressure on DevOps teams to deliver software to faster timelines, the risks and consequences associated with flawed code and faulty infrastructure configurations cannot afford to be missed in the early development stages. So the pros of uniting these teams is clear, but the cons remain costly and their discord could hold organizations back by making software deployment faster but in doing so releasing security vulnerabilities.

Continue reading →

In theory, the fact that Google Chrome can warn you if any of your saved passwords have been involved in breaches is a good thing. In theory. In practice, it can be a different story. There may be a very good reason for no wanting to change a particular saved password, rendering warnings nothing more than irritating.

You could, of course, disable password warnings completely, but this is clearly something of a security risk. But if an experimental setting Google is working on in Chrome makes its way to the release version of the browser, you could soon have finer-grained control over password warnings -- meaning that you could stop Chrome pestering you about passwords you won't want to change or can't change.

Continue reading →

Many companies share the opinion that they are fighting a "losing battle" against cyber threats and security vulnerabilities. The threats are endless, and they are only getting more aggressive and difficult to counter.

This sentiment is echoed by the most recent edition of one annual security report (Priority One Report 2022), which describes 2021 as a banner year for cyberattacks. There is a sense of collective pessimism in being able to sustain cyber defenses, which cost hundreds of thousands of dollars yearly.

Continue reading →

To drive cost efficiency, organizations need a process in place designed to manage and schedule the rollout of mission-critical software updates and releases to the production environment -- this is where release management comes into play.

Release management is introduced to solve problems, but it must be approached in the right way to succeed effectively. Many of the challenges that businesses face with their software releases in traditional operating environments stem from a disconnect between the development and IT operations teams. To bring these two differing sides together, many have implemented a DevOps methodology as a way to break down the existing silos and provide more value quicker and with fewer risks by balancing throughput and stability.

Continue reading →

The CISA (US Cybersecurity and Infrastructure Security Agency) has published a list of 15 actively exploited software vulnerabilities, encouraging users of Windows and macOS to install the available patches.

Included in the list is the SeriousSAM vulnerability that is also known as HiveNightmare affects Windows 10 and 11. Tracked as CVE-2021-36934, this is a local privilege escalation vulnerability that makes it possible for an attacker to grab password hashes from the registry and gain admin privileges.

Continue reading →