Global Checkmarx study reveals 63% of participating organisations have fallen victim to a software supply chain attack in past 2 years

As open source software grows to represent an ever-increasing percentage of enterprise application code, application security (AppSec) leaders and developers are challenged to mitigate the risk of falling victim to the weaponization of such packages by threat actors. Reporting on current open source AppSec practices and problems, Checkmarx, the industry leader in cloud-native application security for…

Read More

Reliance Jio, C-DOT spearhead cybersecurity push in El Salvador, Guatemala

India’s strategic foray into Central America: India is rapidly expanding its influence in Central America, particularly in the telecommunications and cybersecurity sectors. (Reuters) India is rapidly expanding its influence in Central America, particularly in the telecommunications and cybersecurity sectors. With a focus on El Salvador and Guatemala, India is set to make significant inroads, leveraging…

Read More

SYSTEMIC CYBER INCIDENTS REQUIRE RISK MANGEMENT SECURITY POLICIES

In July, a software update from the cybersecurity firm CrowdStrike caused Microsoft Windows operating systems to crash. The US Government Accountability Office called this event “potentially the largest IT outage in history.” The broad-based impact generated by the incident heightens the need to develop an effective risk management process to combat systemic cyber risks. The CrowdStrike incident…

Read More

Insurers to see limited hit from CrowdStrike disruption, Fitch says

The global insurance and reinsurance industry is likely to avoid any major financial impact from the outage sparked by CrowdStrike’s glitchy security software update that disrupted internet services worldwide last week, Fitch Ratings said. Preliminary estimates suggest that insured losses could be in the range of mid-to-high single-digit billion dollars and most claims would be…

Read More

CrowdStrike CEO Steps in as Microsoft Azure outage Grounds Flights & Other Businesses

The Azure outage, which originated in Microsoft’s Central US region on Thursday evening, had a cascading effect on multiple airlines. A major outage of Microsoft’s Azure cloud computing platform this week wreaked havoc on airlines globally, causing flight groundings and operational disruptions. The incident highlighted the vulnerability of cloud-dependent systems, prompting cybersecurity firm CrowdStrike to…

Read More

WazirX Suffers Security Breach, Rs 1965 crore of funds moved

India’s largest crypto exchange, WazirX, has been hacked, resulting in the transfer of cryptocurrencies worth over ₹1,900 crore to an anonymous wallet. Republic Business has reached out to WazirX for confirmation of the total loss, but the exchange has yet to respond. The hacker swapped Tether (USDT), Pepe tokens, and GALA into Ether. Blockchain data…

Read More

Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks

The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it’s effective at locking up files and sucking up memory capacity.   A ransomware strain coined “ShadowRoot” has been found targeting Turkish businesses through phishing attacks. The phishing emails contain a PDF attachment disguised as an invoice with embedded…

Read More

Microsoft’s Partnership With Middle East AI Firm Under Scrutiny

A much-trumpeted deal between Microsoft and Group 42 in the Middle East and Africa could be quashed due to geopolitical concerns, as US policymakers raise questions about Group 42’s relationship with China, highlighting challenges US companies face in forging business ties in the region. Despite assurances from Group 42 that it is cutting all military…

Read More

SANS-GIAC Workforce research report for yr 2024 ‘Hire, Retain Mid-level cyber security professionals

SANS-GIAC Workforce research report for the year 2024 is based on a first-of-its-kind survey that analyzed the cybersecurity workforce with the goal of identifying the key factors to successfully build high-performing cybersecurity teams. The report focuses on efforts to hire and retain mid-level cyber security professionals The survey results analysed in this report zero in…

Read More