Security News

Commonwealth Bank of Australia cyber defence operations leader Andrew Pade is building an AI legacy that will protect customers from cyber attacks and security professionals from career burnout. Rew Pade took on the role of general manager of cyber defence operations and security integration at CBA just over three years ago.

Wing Security, a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution that solves for auto-email forwarding as well. Bad actors can use these email forwarding rules to exfiltrate data after a successful attack, or as a means to spread phishing campaigns within organizations.

With global governments having collectively pledged more than $38 billion in public funds for quantum technologies and $2.1 billion of new private capital flowing to quantum companies in 2022, quantum technologies, particularly quantum computers, are rapidly moving from the lab to the commercial marketplace. By leveraging the principles of quantum mechanics, quantum computers have the potential to perform certain computations exponentially faster than classical computers.

Red Piranha has released the latest Crystal Eye consolidated security platform officially in global collaboration with Intel on the 12th of October and more details on the Network Builders Panel with Intel later that month. The release of Crystal Eye 5.0 OS is timed with the new range of products launched in collaboration with Intel, aimed at the private data centre for managed services providers to provide Security as a Service and the Telco space for advanced, high-throughput security detection, designed for use across Smart Cities.

Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS account was compromised last week.The company detected evidence of the breach on Friday, November 3, after discovering that an attacker used stolen credentials to gain access to a Sumo Logic AWS account.

We can and should get the benefits of the cloud while taking security back into our own hands. The decoupling principle applies that idea to cloud services by making sure systems know as little as possible while doing their jobs.

SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they also increase their reliance on those applications being secure. These SaaS apps store an incredibly large volume of data so safeguarding the organization's SaaS app stack and data within is paramount.

The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk.

The UK government has set in train plans to introduce legislation requiring tech companies to let it know when they plan to introduce new security technologies and could potentially force them to disable when required. They could mean the Home Office get advance access to technical details of security measures employed by popular big tech platforms so it can access user data and monitor nefarious activity.

This gap is especially visible in file upload security. Misconfiguration and increased updates required for microservices open the door for file upload attacks leveraging vulnerable and outdated components.