Jan 11, 2024NewsroomCybersecurity / Software Security The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. “Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network […]
anecdotes, a Palo Alto, CA-based enterprise GRC (Governance, Risk and Compliance) technology company, raised $25M in Series B funding. The round was led by Glilot Capital Partners, with participation from existing investors Red Dot Capital Partners, Vintage Investment Partners, and Shasta Ventures, with participation from Vertex and DTCP. The company intends to use the funds […]
Jan 08, 2024NewsroomArtificial Intelligence / Cyber Security The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years. “These security and privacy challenges include the potential for adversarial manipulation of training data, […]
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, […]
A new National Institute of Standards and Technology (NIST) report on the cybersecurity of genomic data found major privacy gaps in how the data is generated, stored and shared. The paper argues that a NIST privacy framework focusing on the uniqueness of genomic data sensitivity should be established to help organizations that aggregate the data […]
Indian information technology company HCL Technologies reported a ransomware attack to regulators on Wednesday and said that it is investigating the incident. In a filing with the National Stock Exchange of India, the company said it “has become aware of a ransomware incident in an isolated cloud environment for one of its projects.” “There has […]
Dec 16, 2023NewsroomCyber Security / Incident Response China’s Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed to “improve the comprehensive response capacity for data security incidents, to ensure timely and effective control, […]
Facial recognition technology company Clearview AI has reached a settlement with plaintiffs in a class-action privacy lawsuit after a long court battle, according to a court docket entry filed November 30. The terms of the settlement are not yet public. The docket entry from an Illinois federal court noted that the parties to the case […]
The use of automated security technology is growing rapidly, which in turn is propagating the “shift everywhere” philosophy – performing security tests throughout the entire software development life cycle – across more organizations, according to Synopsys. This year’s findings revealed a clear trend of firms increasingly taking advantage of security automation to replace manual, subject […]