Security News > 2022 > July

In order to provide organizations with knowledge to lower their cyber risk, Dr. Sander Zeijlemaker, launched his book - "Managing the Dynamic Nature of Cyber Security: A future-proof strategy, this is how it works". In this Help Net Security video, he talks about how the book helps organizations define solid security strategies.

AppViewX has raised $20 million in a Series B funding round, led by growth equity firm and existing investor, Brighton Park Capital. Through its Automation Platform, AppViewX reduces risk and ensures compliance in many of the most demanding Fortune-ranked organizations across financial services, banking, healthcare, oil and gas, manufacturing, and high tech.

Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service attacks against Russian sites. "The apps were not distributed through the Google Play Store, but hosted on a domain controlled by the actor and disseminated via links on third party messaging services."

Google on Tuesday officially announced support for DNS-over-HTTP/3 for Android devices as part of a Google Play system update designed to keep DNS queries private. To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS, which was incorporated into the mobile operating system with Android 9.0.

60% of IT and security leaders are not confident in their organization's ability to ensure secure cloud access, even as adoption continues to grow across a diverse range of cloud environments, according to research from the Ponemon Institute. The Global Study on Zero Trust Security for the Cloud surveyed nearly 1,500 IT decision makers and security professionals worldwide to examine the pain points they experience in securing cloud environments and how zero trust security methods can enable digital transformation.

Atlassian has warned users of its Bamboo, Bitbucket, Confluence, Fisheye, Crucible, and Jira products that a pair of critical-rated flaws threaten their security. The same CVE can also be exploited in a cross-site scripting attack: a specially crafted HTTP request can bypass the Servlet Filter used to validate legitimate Atlassian Gadgets.

Improved cyber-resilency capabilties help to reduce risk. Does an organization's level of cyber-resiliency maturity also help foster innovation and deliver greater business success?To answer this question, ESG surveyed 750 IT decision makers and then segmented the respondents into cyber-resiliency stages.

Keeping business data secure is a challenging task, complicated by the proliferation of endpoints operating outside of the organizational network and the constant evolution of threat vectors. Dell and Intel's decades long co-enablement relationship is founded on their commitment to keeping commercial customer networks secure.

In this article, Dell Technologies – along with the partners at Intel and Microsoft – provide a blueprint for hybrid working success. You’ll look at the future-ready technologies and methodologies...

A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges. According to court documents [PDF], Paunescu allegedly ran a "Bulletproof hosting" service using computers in Romania, America, and other locations to help cybercriminals distribute Gozi and other malware including the Zeus Trojan and SpyEye Trojan.