Security News

The growing adoption of cloud has elevated cloud security fear for IT teams, as they grapple with the challenges and concerns arising from the widespread use of complex cloud environments while diligently addressing them, according to SUSE. Cloud security fear is growing. Data stores as top cloud security concern: 31% of respondents named data stores hosted by cloud or third parties as their top cloud security concern.

In this Help Net Security video, Jacob Garrison, Security Research for Bionic, explains the limitations of shifting left in application security. Achieving 50%+ application test coverage is unrealistic, especially in microservices environments spanning hundreds of codebases.

In this Help Net Security interview, Sunil Potti, GM and VP of Cloud Security at Google Cloud, talks about how new security and networking solutions powered by AI help improve security so Google customers can address their most pressing security challenges and remain ahead of an ever changing threat landscape. AI plays a significant role in Google Cloud's recently announced new security and networking solutions.

This policy from TechRepublic Premium will help you create security guidelines for devices that transport and store data. The IT department will be responsible for implementing, adhering to and maintaining these controls.

Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage devices that could result in the execution of arbitrary commands on affected systems. Tracked as CVE-2023-27992, the issue has been described as a pre-authentication command injection vulnerability.

Taiwanese company ASUS on Monday released firmware updates to address, among other issues, nine security bugs impacting a wide range of router models. Of the nine security flaws, two are rated Critical and six are rated High in severity.

While the use of Infrastructure as Code has gained significant popularity as organizations embrace cloud computing and DevOps practices, the speed and flexibility that IaC provides can also introduce the potential for misconfigurations and security vulnerabilities. IaC misconfigurations are mistakes, or oversights, in the configuration of infrastructure resources and environments that happen when using IaC tools and frameworks.

As security tools deliver more telemetry, security pros must search for relevant signals in a growing volume of data. Software developers can use those tools to bake security policies directly into applications, to automate data protection.

Decades ago, Tony Turner, CEO of Opswright and author of Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, faced an SQL Slammer worm. During his 25-year career in supply chain security and product security, he became an expert in engineering, security, and product design and he even served as the VP of R&D at Fortress.

Microsoft announced the public preview launch of Win32 app isolation, a new Windows 11 security feature designed to sandbox 32-bit desktop applications.Recently announced during Microsoft's Build 2023 conference, Win32 app isolation uses AppContainer to boost security by mitigating the potential harm caused by compromised applications and protecting the user's privacy.