Posted under: Research and Analysis As discussed in Application Architecture Disrupted, macro changes including the migration to cloud disrupting the tech stack, application design patterns bringing microservices to the forefront, and DevOps changing dev/release practices dramatically impact building and deploying applications. In this environment, the f

This month, Mozilla has announced plans to phase out support for the Firefox web browser app on the Amazon Fire TV product line.Amazon Fire TV exists both as an app and a physical stick that TV owners can install on their television sets to access a plethora of streaming services.Although Firefox will be no longer supported on Fire TV eff

Cryptocurrency rewards platform Celsius Network has disclosed a security breach exposing customer information that led to a phishing attack.Today, Celsius CEO Alex Mashinsky stated that Celsius' third-party marketing server was compromised, and threat actors gained access to a partial Celsius customer list."An unauthorized party managed to gain access t

A majority of the largest energy companies in the United States appear to have neglected the security of their domain names, according to CSC, a firm that specializes in securing online assets.The Biden administration is concerned about potentially damaging cyberattacks aimed at the country’s critical infrastructure, and it’s taking steps to help electric ut

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies.In a brief announcing sanctions on Russia for actions against the U.S. interests, the White House is naming the Cozy Bear group of advanced hackers a

The rise of the cloud didn’t free us from concerns over who stores our data. Where matters, and major cloud providers and big data monopolies host a huge percentage of the world’s data. Thousands of organizations that store and manage personal, business and government data use big-name cloud providers. Smartphone platform companies house an

Today’s cloud security requires a new way of looking at threat models. Making a threat model can support your security teams before problems start. It helps them develop a strategy for handling existing risks, instead of detecting incidents at a later stage. Let’s walk through how to create a threat model that works for your cloud landscape. The

What can we say about 2020 that hasn’t already been said? Beliefs were shaken. Values were questioned. Truths were tested. Then COVID happened and things really got crazy. The World Health Organization declared the coronavirus outbreak a global pandemic on March 12, 2020. That same day cybersecurity got flipped on its head.  Entire businesses had

A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilities in attacks against U.S. organizations and interests.In an advisory issued today, the NSA

April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them fixes a critical issue in SAP Commerce. April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released ones, among the issues addressed by the software giant there is a critical flaw in SAP Commerce. &#

For cybersecurity experts, artificial intelligence (AI) can both respond to and predict threats. But because AI security is everywhere, attackers are using it to launch more refined attacks. Each side is seemingly playing catch-up, with no clear winner in sight.  How can defenders stay ahead? To gain context about AI that goes beyond prediction, detect

NVIDIA this week unveiled Morpheus, a cloud-native application framework designed to help cybersecurity providers analyze more data without sacrificing performance.According to NVIDIA, Morpheus leverages machine learning to identify anomalies and threats — such as phishing, data leaks and malware — through real-time inspection of all IP traffic in an organiz

What is the objective of implementing cybersecurity in a business? The answer might vary depending on whether you ask a security professional or a business executive. However, in any cybersecurity implementation, it’s very important to stay focused on the big picture: cybersecurity is there to secure the business and its assets, so the business can concentra

The agency urges researchers to take precautions amid an ongoing targeted threat campaign.The Cybersecurity and Infrastructure Security Agency (CISA) is cautioning cybersecurity researchers to keep their guard up amid a wave of attacks targeting this particular group.Related Content:Google Updates on Campaign Targeting Security ResearchersSpecial Report: How

A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers.A zero-day vulnerability is when detailed information about a vulnerability or an exploit is released before the affected software developers can fix it.