Security News > 2021 > February > Week in review: Most used MITRE ATT&CK tactics, boosting the “Sec” in DevSecOps

Week in review: Most used MITRE ATT&CK tactics, boosting the “Sec” in DevSecOps
2021-02-21 08:55

Phishers tricking users via fake LinkedIn Private Shared DocumentPhishers are trying to trick users into opening a "LinkedIn Private Shared Document" and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns.

Apple details major security, privacy enhancements in its devicesApple has released on Thursday a newer version of its Platform Security Guide, outlining the security and privacy innovations and improvements its users will be able to take advantage of.

Tips for boosting the "Sec" part of DevSecOpsThe most significant barrier to achieving DevSecOps is the continued perception that "Sec" is not already a part of "Dev" and "Ops", says James Arlen, CISO at cloud data platform provider Aiven.

Why contextual machine learning is the fix that zero-trust email security needsEmail data breaches are on the rise.

Microsoft: Solorigate attackers grabbed Azure, Intune, Exchange component source codeMicrosoft has completed its internal investigation about the Solorigate security incident, and has discovered that the attackers were very interested in the code of various Microsoft solutions.

Most security pros think a WAF is high maintenanceAn organization's web application firewall is a critical line of defense in protecting proprietary and customer data, but the concern is that some organizations are spending an outsized allotment of resources on modifying these mission-critical elements, a Neustar report reveals.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/ZpnAsGJHjIc/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mitre 3 1 10 1 2 14