Security News

Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Reporting on the vulnerabilities of all the images in a cluster: This provides a comprehensive view of the security posture of all the images in a cluster and helps organizations prioritize remediation efforts.

A new dropper-as-a-service cybercrime operation named 'SecuriDropper' has emerged, using a method that bypasses the 'Restricted Settings' feature in Android to install malware on devices and obtain access to Accessibility Services. Restricted Settings is a security feature introduced with Android 13 that prevents side-loaded applications installed from outside Google Play to access powerful features like the Accessibility settings and Notification Listener.

The policy's purpose is to define for employees, IT department staff and users the process to be followed when experiencing a suspected IT-security incident. Receiving strange unprompted messages, error windows or pop-up alerts.

Google is rolling out a new banner to highlight the "Independent security review" badge in the Play Store's Data safety section for Android VPN apps that have undergone a Mobile Application...

Google Play, Android's official app store, is now tagging VPN apps with an 'independent security reviews' badge if they conducted an independent security audit of their software and platform. Starting with VPN apps, which Google considers critical for user privacy and security due to handling sensitive data, the Play Store will display the "Independent security review" badge in the Data Safety Section.

Microsoft has made fresh commitments to harden the security of its software and cloud services after a year in which numerous members of the global infosec community criticized the company's tech defenses. The long and short of it is that Microsoft is pushing the big AI button a few more times, more deeply embedding the tech throughout its security operations and products.

Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost the overall security of Microsoft's products and its customers and users. "In recent months, we've concluded within Microsoft that the increasing speed, scale, and sophistication of cyberattacks call for a new response," says Brad Smith, Vice Chair and President of Microsoft.

The security performance of financial applications generally outperforms other industries, with automation, targeted security training, and scanning via Application Programming Interface contributing to a year-over-year reduction in the percentage of applications containing flaws, according to Veracode. While nearly 72% of applications in the financial services sector contain security flaws, this is the lowest of all industries analyzed and an improvement since last year.

Microsoft announced today the 'Secure Future Initiative,' pledging to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. "In recent months, we've concluded within Microsoft that the increasing speed, scale, and sophistication of cyberattacks call for a new response," said Microsoft President Brad Smith.

This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model Securing employees' SaaS usage is becoming increasingly crucial for...