Author: Admin

Software company One Identity has acquired identity access management (IAM) solutions provider OneLogin.  News of the acquisition by the Quest Software business was announced yesterday; however, the terms of the deal were not disclosed.  One Identity said that combining OneLogin with its existing privileged access management (PAM), identity governance and administration (IGA), and active directory management and security (ADMS) solutions will allow customers “to take a holistic approach to identity security with trusted, proven technology in each major category.” Together,…

This week is Snyk’s annual SnykCon virtual conference that aims to connect with the global developer and security communities and Docker is excited to participate as a gold sponsor for the second year! At last year’s conference, we discussed our partnership with Snyk to incorporate their leading vulnerability scanning across the entire Docker application development lifecycle.  This partnership is just as important this year, as we’ve seen supply chain attacks happening at an alarming rate….

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, FoggyWeb, Google Chrome Bugs, Hydra Malware, NOBELIUM and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending…

The Apache HTTP Server Project patched a path traversal vulnerability introduced less than a month ago that has been exploited in the wild. Background On October 5, the Apache HTTP Server Project patched CVE-2021-41773, a path traversal and file disclosure vulnerability in Apache HTTP Server, an open-source web server for Unix and Windows that is among the most widely used web servers. According to the security advisory, CVE-2021-41773 has been exploited in the wild as…

A voucher scheme launched by the Northern Ireland Assembly to stimulate economic growth following Covid-19 lockdowns is having an identity crisis.  Under the £145m High Street Spend Local Scheme, the approximately 1.4 million residents of Northern Ireland who are aged 18 and over are eligible to apply for a £100 Spend Local voucher.  The voucher takes the form of a prepaid card, which is accepted by businesses across Northern Ireland. To apply for the card, residents must submit…

From 5 October to 3 November 2021,  eligible PCI SSC stakeholders are invited to review and provide feedback on the PTS POI Modular Security Requirements v6.1 draft during a 30-day request for comments (RFC) period. The full list of stakeholders eligible to participate can be found on the PCI SSC RFC webpage.

Welcome back to our executive blog series, where I chat with some of the pivotal players behind McAfee Enterprise to hear their takes on today’s security trends, challenges, and opportunities for enterprises across the globe. Dive into the conversation below with Vice President, Global Commercial, Britt Norwood. Q: What’s the first career you dreamed of having as a kid? My first career was as a paper boy from 5th through 8th grade, but I always wanted…

Jack Wallen dispenses his bi-annual advice to Android users on how to avoid falling prey to malicious apps and bad actors. Image: rafapress/Shutterstock That’s right, Android users, it’s that time again. It seems every six months or so I am driven to offer up some tough love for our favorite mobile platform. Why? Because bad actors are always out there, hoping to steal your data and wreck your lives. It happens … frequently. And no…