Risk Discovery

	[ News \| Blogs \| Reddits \| Lists \| Media \| ? ] HoneyDB
	[ privacy \| malware \| research \| vendor ]

Stories by Signal Sciences on Medium

CISO Challenges and Security’s New Path with Zane Lackey

The Importance of Unified Application Security for Your Multi-cloud Strategy

Application security needs to work with developers – or get left behind.

Starting the Avalanche: Application DoS In Microservice Architectures

Practical Tips For Defending Web Applications In The Age Of DevOps

AppSec Program for Startups with Neil Matatall

Thanks for making RSA 2017 a huge success

Next up on the Modern Security Series: DevOops: Redux

A Review of the Modern Security Series

Practical Tips for Web Application Security in the Age of Agile and DevOps

Tenable Blog

The State of OT Security, a Year Since Colonial Pipeline

CVE-2022-22972: VMware Patches Additional Workspace ONE Access Vulnerabilities (VMSA-2022-0014)

Mind the (Communication) Gap: How Security Leaders Can Become Dev and Ops Whisperers

Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures

Tenable.io Achieves StateRAMP Authorization as Part of Our Commitment to Protect State and Local Governments

Locate Tenable Compliance Templates Faster with Revamped Portal

3 Ways Security Leaders Can Work With DevOps to Build a Culture of Security

Announcing the 2022 Tenable Assure Partner Award Winners

Microsoft’s May 2022 Patch Tuesday Addresses 73 CVEs (CVE-2022-26925)

The Era of Responsible Cybersecurity Finally Arrives

Qualys Security Blog

Put SecOps in the Driver’s Seat with Custom Assessment and Remediation

How to Get Useful Monitoring of File-level Security

May 2022 Patch Tuesday | Microsoft Releases 75 Vulnerabilities with 8 Critical; Adobe Releases 5 Advisories, 18 Vulnerabilities with 16 Critical.

Ursnif Malware Banks on News Events for Phishing Attacks

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

Ransomware Insights from the FBI’s 2021 Internet Crime Report

Assessing Certificate Risk with Qualys VMDR

Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 2)

April 2022 Patch Tuesday: Microsoft Releases 145 Vulnerabilities with 10 Critical; Adobe Releases 4 Advisories, 78 Vulnerabilities with 51 Critical.

EDR Is Dead. Long Live Multi-Vector EDR.

Aqua Blog

Trivy’s Journey Continues: First Unified Scanner for Cloud Native Security

Detecting and Analyzing an Apache Struts Exploit with Tracee

Integrate OSS Container Vulnerability Data with Aqua and Sonatype Nexus

How Bayad is Securing Payment Collections for the Philippines

Unlimited Container Image Scanning in Docker Desktop with Trivy

Gartner Report for SBOMs: Key Takeaways You Should Know

Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages?

Fortune 1000 CISOs: Active Protection is Key to Cloud Native Security

What’s New in Kubernetes Version 1.24

Securing at Cloud Native Pace with Aqua Terraform Provider

Trend Micro Research, News, Perspectives

Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware

Uncovering a Kingminer Botnet Attack Using Trend Micro™ Managed XDR

Trend Micro's One Vision, One Platform

Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys

S4x22: ICS Security Creates the Future

Security Above and Beyond CNAPPs

Examining the Black Basta Ransomware’s Infection Routine

NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service

AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell

New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware

Digital Shadows

Vulnerability Intelligence Round Up: The Good, The Bad, and The Risky

What we’re reading this month: May 2022

Advanced persistent threat group feature: Mustang Panda

Five years after the WannaCry dumpster fire, ransomware remains a global threat

ALPHV: The First Rust-Based Ransomware

Colonial Pipeline One Year Later: What’s Changed?

The Russia – Ukraine war: Two months in

Opportunity in the midst of chaos: Russian-speaking cybercriminals grapple with sanctions and forum takedowns

The Power Of Data Analysis In Threat Intelligence – Part 2: Machine Learning

What We’re Reading This Month: April 2022

The Cloudflare Blog

Wendy Komadina: No one excited me more than Cloudflare, so I joined.

Monitoring our monitoring: how we validate our Prometheus alert rules

Eurovision 2022, the Internet effect version

Internship Experience: Software Development Intern

Integrating Network Analytics Logs with your SIEM dashboard

Debugging Hardware Performance on Gen X Servers

Announcing our Spring Developer Challenge

Network performance update: Platform Week

How Ramadan shows up in Internet trends

Proof of Stake and our next experiments in web3