Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Dell Firmware Update Driver Vulnerability CVE-2021-21551

May 6, 2021 By Cyberint Research In Cyberint

Details of several high severity vulnerabilities in Dell's firmware update driver, grouped together as CVE2021-21551 with a CVSS score of 8.8, were published on 4 May 2021 and could lead to privilege escalation, denial of service and/or information disclosure on affected devices.

Cyberint

Read more about Dell Firmware Update Driver Vulnerability CVE-2021-21551

Are bots threatening the travel industry in 2021?

May 6, 2021 By Yasmin Duggal In Netacea

In our recent webinar, Netacea’s Head of Threat Research, Matthew Gracey-McMinn, and Enterprise Sales Manager for Travel and Tourism, Graeme Harvey, were joined by Director of Spike Digital, Duncan Colman, to delve into the top bots and cybersecurity threats set to target the travel industry in 2021.

Netacea

Read more about Are bots threatening the travel industry in 2021?

Snyk Code is now available for free

May 6, 2021 By Frank Fischer In Snyk

Snyk’s mission is to empower developers and DevOps teams to secure their applications. As part of that security mission, Snyk offers a Free plan for Snyk Open Source, Snyk Container, and Snyk Infrastructure as Code, so all developers can code securely. Today, we’re excited to announce that Snyk Code is now available for free as well.

Snyk

Read more about Snyk Code is now available for free

Top 10 DevSecOps best practices for building secure software

May 6, 2021 By Sneha Kokil In Synopsys

Ready to transition your organization to DevSecOps but unsure of where to begin? Get started with our top 10 DevSecOps best practices. By: Sneha Kokil, associate principal consultant, and Arvind Balaji, associate principal consultant, at Synopsys. While the software industry celebrates a decade of DevOps, there’s an increasing drive toward adopting DevSecOps and making security a part of software from early on.

Synopsys

Read more about Top 10 DevSecOps best practices for building secure software

Ask SME Anything: What are the major transformations behind SASE architecture?

May 6, 2021 By Netskope In Netskope

In this episode of Ask SME (Subject Matter Expert) Anything, Netskope’s Michael Ferguson explains the origin of SASE and how it is changing the way we look at data and cloud security. Netskope, the SASE leader, safely and quickly connects users directly to the internet, any application, and their infrastructure from any device, on or off the network. With CASB, SWG, and ZTNA built natively in a single platform, Netskope is fast everywhere, data centric, and cloud smart, all while enabling good digital citizenship and providing a lower total-cost-of-ownership.

Netskope

Read more about Ask SME Anything: What are the major transformations behind SASE architecture?

Stranger Danger: Your Node.js Attack Surface Just Got Bigger

May 6, 2021 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Snyk

Read more about Stranger Danger: Your Node.js Attack Surface Just Got Bigger

Pull Requests for Infrastructure Access

May 6, 2021 By Ev Kontsevoy In Teleport

Making frequent changes to cloud applications running in production is the de-facto standard. To minimize errors, engineers use CI/CD automation, techniques like code reviews, green-blue deployments and others. Git pull requests often serve as a foundational component for triggering code reviews, Slack notifications, and subsequent automation such as testing and deployments. This automated process enforces peer reviews and creates enough visibility to minimize human error.

Teleport

Read more about Pull Requests for Infrastructure Access

Device management blind to 125 percent increase in financial sector phishing attacks

May 6, 2021 By Hank Schless In Lookout

As guardians of valuable monetary assets and highly sensitive data, financial institutions are the perfect target for cybercriminals. According to IBM, the financial services sector was the number one target of cyberattacks in 2020 among all industries. This means these organizations continue to be challenged and invest heavily in both people and technology to make sure they can withstand attacks of any type.

Lookout

Read more about Device management blind to 125 percent increase in financial sector phishing attacks

Zendesk Best Practices on Spam Prevention

May 6, 2021 By Zendesk In Zendesk

The Zendesk Abuse Team shared their recommended best practices and answered questions from the community on spam preventions within the Zendesk instance.