Vulnerability management in 2023: Questions and answers
In this article, I will try to answer several important questions related to identifying, classifying, prioritizing, and eliminating vulnerabilities in a timely manner, as well as how to automate the vulnerability management process.
Let me start the article by defining the classic process of finding and eliminating vulnerabilities.
37 percent of companies lose over $100,000 to a cyberattack
Cyberattacks can cause significant harm to businesses, not least financial losses. According to recent findings from the Atlas VPN team, 37 percent of companies lose over $100,000 per cyberattack on average.
Some lose even more, with 22 percent of companies suffering significant losses ranging from $100,000 up to $499,999. Cybercriminals stole even more money, between $500,000 and $999,999, from 11 percent of businesses. Lastly, four percent of companies claim to have lost over $1 million after a successful cyberattack. A worrying two percent of businesses say they don't know their actual losses.
Adobe debuts Photoshop Elements 2023 and Premiere Elements 2023 with new photo and video effects
Adobe has unveiled brand new versions in its consumer photo and video range with the combined launch of Adobe Photoshop Elements 2023 and Adobe Premiere Elements 2023 for Windows and macOS.
Both new versions showcase new visual effects, but also come with the promise of usability, performance and stability improvements. They’re also accompanied by the launch of new companion web and mobile apps.
What does cloud native security actually look like? [Q&A]
Cybersecurity is a priority for all enterprises. We regularly see news of data breaches across a wide range of industries, and as workforces increasingly move to a hybrid model the issue becomes more acute.
As businesses undergo digital transformation they need to update not only their tools but also their attitude toward keeping systems secure. We spoke to Pravin Kothari, executive vice president, product and strategy at cloud security company Lookout to find out why in a cloud-native world security needs a different approach.
Why it's time to rethink your hybrid collaboration strategy
Over the last two years, organizations everywhere have built hybrid collaboration strategies from a variety of platforms and services in an effort to blend the most useful features. This is understandable given the rapid acceleration in the adoption of digital collaboration tools throughout 2020, which played a huge role in keeping the economy moving.
Since then, businesses have grown to rely on their collaboration capabilities as part of their ongoing approach to hybrid working. But in many cases, this has given rise to a somewhat cobbled-together approach, delivering user and customer experiences that work but aren’t entirely optimized.
Simple data management with Database as-a-Service (DBaaS) for Kubernetes
Modern applications need to be fast, available, and secure. They are composed of many microservices, often supported by multiple data services. Managing each of these data services in a dynamic, Kubernetes world is complex, time-consuming and leaves little time for innovation.
Managing stateful applications on Kubernetes in production is difficult. According to a Pure Storage survey, the most important customer requirements are:
Spotify is forcibly installing on Windows 10 and Windows 11 systems
If you have noticed the appearance of the Spotify app on your computer but you don't recall installing it, you are not alone. There are multiple reports -- or complaints, even -- from users of Windows 10 and Windows 11 that the app has installed itself without permission.
It is certainly not unknown for Microsoft to forcibly install apps on computers, but on previous occasions when apps have been foisted onto people, there has been some sort of announcement or notification. This has not happened this time around, so it is not quite clear what is going on. One thing is undeniable though: people are not happy.
Five SAP application security trends
Ubuntu-based Linux Mint 21.1 'Vera' will be released on Christmas
Linux Mint users are usually quite rabid when it comes to news about the operating system, and I am happy to say the distribution's developers have shared some interesting tidbits.
First and foremost, the upcoming Linux Mint 21.1 will be named "Vera." This is hardly surprising, as the Mint 21.x series will use female names that start with the letter V. Linux Mint 21 is named "Vanessa," for instance.
Why cloud fax is better for secure data exchange than email
The constantly-evolving email encryption landscape is a tell-tale clue as to email’s vulnerability. Email service providers and encryption software makers must continually up their game because they know organizations use email to transmit their most sensitive content -- a fact that makes a valuable high-priority target for cybercriminals.
Sending a document via email is like writing it on the back of a postcard and popping it into the mailbox, for it to then be read by every single person who handles it on its journey to its destination. When you click "send" on an email it travels through firewalls, ISPs, servers, virus checkers and even data harvesting bots. It is stored, saved, copied and forwarded multiple times without any form of encryption. What this means is that email can very easily be compromised and the important data contained within it can be read and downloaded by unscrupulous third parties.
Microsoft releases KB5017389 update for Windows 11 2022 Update to fix dozens of problems
Ahead of the upcoming Patch Tuesday, Microsoft has released a preview version of the KB5017389 update for Windows 11.
KB5017389 is a cumulative update for Windows 11 2022 Update -- or Windows 11 22H2, if you prefer. It is a non-security update, but addresses a lengthy list of issues that have been discovered.
Don't install Ubuntu Linux 22.10 'Kinetic Kudu' Beta (unless you are a cool dude)
Installing a pre-release version of an operating system on a production machine is downright foolish. You can run into serious bugs, and potentially, lose data too. So I urge you not to install Ubuntu 22.10 "Kinetic Kudu" Beta which was released earlier today... unless you are cool dude or "dudette."
Yeah, the truly cool Linux users are willing to throw caution to the wind and ruin their current Ubuntu installation in favor or living dangerously. Of course, these brave Linux users should also have their important data backed up just in case something catastrophic happens. After all, failing to backup is certainly not cool.
Simplify developers' deployment journey with continuous deployment
Most development teams struggle early in the process of shifting to cloud native application development and deployment. Their existing tool chains that have served them well in the past struggle with them as they attempt to scale their deployment footprint. The last thing they want to do is invest time in becoming experts in deployment. They don’t want to create or troubleshoot a deployment process -- they want to code with a GitOps approach, and know their software has been deployed successfully, is working as expected, and providing value to the customer. How can team leaders satisfy those desires? Automated continuous deployment. Continuous deployment simplifies delivery, ensures the software works at each deployment stage and allows developers to focus on what they do best.
When it comes to the development cycle, faster is better. Companies with higher release rates generate four to five times higher revenue growth than those pushing updates less often. To keep up with the competition, fast and efficient deployment of quality, stable software is the priority.
Keep your payment service provider close, and your fraud prevention partners closer
The payments ecosystem is increasingly dynamic and so too is the fraud landscape that threatens it. The UK is the second-largest country for online transactions in 2022; this is set to continue, despite ongoing global supply chain issues and inflationary pressure. At the same time, this increase in online transactions brings another problem: digital commerce fraud.
Merchants need to have a detailed understanding of their payment profile to manage threats and balance risk. According to the Merchant Risk Council, the amount merchants spend to tackle online fraud increased five-fold between 2019 and 2021. In 2019, eCommerce merchants spent an average of 2 percent of their annual revenue on fraud prevention. By 2021, that share had grown to 10 percent. However, it’s a battle merchants are continuing to lose, especially in the UK. Additional data collected from Merchant Machine suggests that the UK has the highest number of fraud cases per 1,000 inhabitants (123), with €10,414 stolen by fraudsters for every 1,000 citizens.
Cyren Hybrid Analyzer improves malware detection without hitting performance
Undocumented malware only makes up a small proportion of files, yet it presents a high risk of infection. Sandboxing and analyzing everything in order to eliminate risk, however, has a major impact on performance.
To address this Cyren has produced Hybrid Analyzer. Using emulation -- effectively automatically reverse engineering the code contained in a file -- this new offering operates 100 times faster than a malware sandbox and between five and 20 times faster than alternative file analysis solutions.
Most Commented Stories
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.