Security News

95% of companies face API security problems
2024-03-22 04:30

95% of respondents surveyed by Fastly said they had experienced API security problems in the last twelve months. "The results of our survey show that decision-makers know that increased reliance on APIs creates a risk of serious cyberattacks. But so far they are not doing enough about it. This is surprising given that the operational and reputational cost of a breach far outweighs the price of deploying a consolidated web application and API security solution from a single provider," said Jay Coley, Senior Security Architect at Fastly.

GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws
2024-03-21 10:30

GitHub on Wednesday announced that it's making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort...

US task force aims to plug security leaks in water sector
2024-03-20 18:32

US government is urging state officials to band together to improve the cybersecurity of the country's water sector amid growing threats from foreign adversaries. The Environmental Protection Agency announced it is seeking to establish a Water Sector Cybersecurity Task Force to beef up current work to implement "Immediate" solutions to prevent one of the US's most critical services from disruption.

Proofpoint: APAC Employees Are Choosing Convenience, Speed Over Cyber Security
2024-03-20 15:05

Cyber security company Proofpoint recently surveyed 7,500 employees and 1,050 security professionals in 15 countries, including Australia, Japan, South Korea and Singapore. Employees in the Asia-Pacific region were the most likely among global employees surveyed to say they were unsure about their personal responsibility for cyber security.

Generative AI Security - Secure Your Business in a World Powered by LLMs
2024-03-20 11:27

Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of...

Security best practices for GRC teams
2024-03-20 04:30

Even with the best-of-the-best tools and tech stack monitoring vulnerabilities, every security executive and GRC leader should still have some layer of paranoia. In this Help Net Security video, Shrav Mehta, CEO at Secureframe, talks about security best practices for GRC teams, highlights areas that security learners should pay close attention to, and discusses how security leaders can automate specific processes.

Security Response Policy
2024-03-19 16:00

Good cyber and physical security can make or break companies. The purpose of this Security Response Policy, written by Scott Matteson for TechRepublic Premium, is to outline the security incident response processes which must be followed.

Crypto wallet providers urged to rethink security as criminals drain them of millions
2024-03-19 14:30

Infosec researchers are noting rising cryptocurrency attacks and have encouraged wallet security providers to up their collective game. Check Point specifically cites the growth of attacks that abuse Ethereum's CREATE2 opcode, dubbing it a "Critical issue in the blockchain community" that's seeing millions of dollars worth of assets being drained from victims' wallets.

Avoid high cyber insurance costs by improving Active Directory security
2024-03-19 14:02

Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and 100% in 2023. Reinforcing Active Directory security is one way to protect an organization's critical infrastructure and manage or even potentially reduce the costs of cyber insurance.

Lynis: Open-source security auditing tool
2024-03-19 04:00

Lynis is a comprehensive open-source security auditing tool for UNIX-based systems, including Linux, macOS, and BSD. Hardening with Lynis. Lynis conducts a thorough security examination of the system directly.