One of the first low-level network tools that any computer user learns about is the venerable ping utility. Named after the eponymous sound effect from any and every old-school war movie scene involving submarines, the command is a metaphorical echo (see what we did there?) of the underwater version of RADAR known as SONAR. You […]
YOKOHAMA, Japan, Dec. 5, 2022 — The Open Source Security Foundation (OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world’s most important software supply chain security initiatives, today announced many new members from leading technology firms in sectors that span software development, cybersecurity, data science, platform-as-a-service, semiconductors, finance, think tanks, […]
Forget pests for a minute. Modern farms also face another – and more insidious – breed of threat. While I was in the UK police force and part of the National Cyber Crime Unit in 2018, I was asked to give a talk on cybersecurity at a National Farmers’ Union (NFU) meeting in southern England. […]
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The top 200 most common passwords in 2022 are bad, mkay?According to NordPass’ latest list of top 200 most common passwords in 2022, “password” is the most popular choice, followed by “123456”, “123456789”, “guest” and “qwerty“. Pre-auth RCE in Oracle […]
FBI Director Chris Wray is raising national security concerns about TikTok, warning Friday that control of the popular video sharing app is in the hands of a Chinese government “that doesn’t share our values.” Wray said the FBI was concerned that the Chinese had the ability to control the app’s recommendation algorithm, “which allows them […]
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the issue on […]
Phylum has added Automated Vulnerability Reachability to its software supply chain security platform capabilities. With the ability to focus only on fixing what matters, security pros can end the deluge of false positives and developers can innovate with greater speed and confidence. This new introduction, combined with Phylum’s ability to block and prioritize open-source code […]
Even with the shifting threat landscape, organizations view malware, phishing, and data breaches as their biggest threats. Almost a third of respondents in Fastly’s Fight Fire with Fire survey consider data breaches and data loss as the biggest cybersecurity threat to their organization over the next 12 months. Malware (29%) and phishing (26%) round out […]
It’s just under a month since iOS 16.1.1 came out for Apple iPhone users, fixing a pair of bugs that were listed with the worrying words “a remote user may be able to cause unexpected app termination or arbitrary code execution”. Both macOS 13 Ventura and iPadOS got updated at the same time, with a […]
New York City-based passwordless authentication solutions provider Hypr announced on Thursday that it has raised $25 million in a Series C1 funding round. The previous funding round, the Series C, was announced in April 2021, when the company raised $35 million. The latest investment, which brings the total to $97 million, was led by Advent […]