Shadow code -- third-party scripts and libraries often added to web applications without security validation -- pose risks to websites and jeopardize compliance with privacy regulations, according to new research conducted by Osterman Research for PerimeterX. Third-party code leaves organizations vu...

Backed by many of the world's largest companies for more than a decade, the Software Package Data Exchange specification is now an internationally recognized ISO/IEC JTC 1 standard. This comes during a transformational time for software and supply chain security. The Linux Foundation announced Thur...

The "Linux Threat Report 2021 1H" from Trend Micro found that Linux operating systems are heavily targeted for cyberattacks, with nearly 13 million detections in the first half of this year. As organizations expand their footprint in the cloud, correspondingly, they are exposed to the pervasive thre...

Imagine finding out that your neighbor's identity was stolen and their life savings cleaned out by criminals who entered through their 'smart' washing machine. Ridiculous, you say? Well, have you checked your home Wi-Fi network lately? You might have several connected household gadgets and other dev...

The hacker who stole US$600 million in tokens from a cryptocurrency platform last week has been offered a security job by the platform. Most of the money has been returned to the Poly Network, but more than $200 million in assets remains locked in an account controlled by the hacker, whom the crypto...

People are freaking out about reports of NSO Group's Pegasus surveillance tool being used to spy on journalists, political dissidents, and other opponents of regimes worldwide. It's disheartening, and worth discussing. But why are we shocked? In Pegasus' case, the game theory is clear: some company ...

Hackers aren't the only ones evading security measures of many organizations. So are their remote workers. In a new report on remote workforce security, 52 percent of the U.S. IT and cybersecurity professionals surveyed revealed they experienced remote workers finding workarounds to their organizati...

A number of popular commercial applications in categories ranging from browsers to messaging and meeting apps all contained open-source components with security vulnerabilities, according to new research performed by Osterman Research for GrammaTech. Online meetings and email clients, which contain...

Bitdefender security researchers have uncovered a Romanian-based threat group active since at least last year targeting Linux-based machines with weak Secure Shell Protocol (SSH) credentials. The researchers discovered the group was deploying Monero mining malware used to steal cryptocurrency.

Early adopters seeking a premature peek of Windows 11 via unauthorized channels may be in for a nasty surprise -- a dose of malware. Kaspersky Lab reports that an unofficial installer is in the wild that promises to install the next version of Microsoft's ubiquitous operating system on a user's comp...

Anyone with a stake in keeping ahead of cybersecurity assaults and enterprise network intrusions through API vulnerabilities can now tap into expert advisories and security reports. API security company Salt Security last week launched Salt Labs, a now-public forum for publishing research on API vul...

Called Email Protection, the feature will be initially distributed through a waiting list that anyone can add their name to. Consumers chosen from the list will be able to create a free, personal @duck.com email address. Email sent to the @duck address will be denuded of trackers before being forwar...

In addition to its condemnation of China, the White House announced that the U.S. Justice Department has filed charges against four Ministry of State Security hackers allegedly engaged in a multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, de...

After a successful rollout in the U.S. earlier this year, Amazon is expanding support for end-to-end encryption for video captured on its Ring products. Part of what's motivating this is probably setting a higher global standard so wherever Amazon goes, they will be welcome by satisfying stringent l...

When a website asks me to accept or decline cookies, I...
Loading ... Loading ...

LinuxInsider Channels