U.S. and U.K. cyber, law enforcement and intelligence agencies issued a joint advisory Friday offering detailed information on how to defend against the activities of the Russian Foreign Intelligence Service, or SVR, in the wake of the 2020 SolarWinds attacks.
The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
CISA is investigating whether five U.S. government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to a senior official. Security researchers believe that at least two nation-state groups have been attempting to exploit these flaws.
The latest edition of the ISMG Security Report features an analysis of British spy chief Jeremy Fleming’s "cybersecurity call to arms." Also featured: Insights on COVID-19 business continuity planning; the wisdom of the late Dan Kaminsky.
Microservices architecture seems to have become de rigueur for a “modern” systems design. But what are the advantages, and disadvantages of microservices in practice, and where are they headed over the next few years?
Download this eBook and learn:
Why microservices are being used to re-architect existing...
Cloud migration is a top strategic priority for many banks, insurers and telecoms providers. Following the lead of FinTech firms, almost all have this journey on their radar, but the benefits are yet to be captured.
Download this eBook and learn:
Why ad hoc analysis leads to difficult cloud migrations;
Can the essential activities of application refactoring be significantly accelerated by applying software intelligence?
Download this guide and learn about:
The five approaches to application modernization;
The most common Analysis and Action motions used during application refactoring;
Accelerating the common...
Agile techniques, open-source component reuse, scripting languages and cloud platforms have all made developers more productive. Yet, developer productivity is still a problem that plagues engineering management.
Download this guide and learn:
Why developers spend more than half their productive time understanding...
Some security experts are questioning whether Experian is doing enough to ensure security after a researcher discovered that an API the credit reporting firm uses to allow lenders to check the credit score of prospective borrowers could expose customer's scores.
A lawsuit alleges that a security flaw in a Google COVID-19 contact-tracing tool is exposing personal and medical information of millions of users to third parties through device system logs. But Google says it reviewed the issue, updated code and is ensuring the fix is rolled out to users.
A Chinese advanced persistent threat group known as Naikon deployed a new malware backdoor to wage a lengthy cyberespionage campaign against military organizations in Southeast Asia, security firm Bitdefender reports.