lemmydev2

In this Help Net Security interview, Galal Ibrahim Maghola, former Head of Cybersecurity at G42 Company, discusses strategic approaches to implementing DevSecOps at scale. Drawing on experience in regulated industries such as finance, telecom, and critical infrastructure, he offers tips on ownership models, automation, and compliance. His approach focuses on collaborative practices that balance speed, security, and developer productivity. How do you recommend companies structure ownership of DevSecOps? Should security teams drive it, or is … More → The post Making security and development co-owners of DevSecOps appeared first on Help Net Security.

In April, the cybersecurity community held its breath as the Common Vulnerabilities and Exposures (CVE) program was plunged into a moment of existential crisis. In the end, an eleventh-hour reprieve saved the day. While CVEs do not encompass the full scope of network security issues, they are still a critical component to track as part of a security program. Over the last 25 years, the CVE program has evolved into a critical, shared, and global … More → The post Why we must go beyond tooling and CVEs to illuminate security blind spots appeared first on Help Net Security.

In case you can’t wait for your flash memory to die from write cycling, TeamGroup now has a drive that, via software or hardware, can destroy its own flash chips …read more

Security researchers have warned the 'FileFix' technique, which builds on the notorious 'ClickFix' tactic, is being used in the wild by threat actors.

Buy Now, Pay Later (BNPL) apps are everywhere these days. Whether you’re buying sneakers or groceries, chances are you’ve seen the option to split your payments over time. It’s quick and easy. But behind the convenience is a growing privacy concern that most users know little about. A new study from Incogni digs into just how much personal information BNPL apps collect and share. The research looked at eight of the most popular BNPL apps … More → The post Buy Now, Pay Later… with your data appeared first on Help Net Security.

Comments

404 Media has seen user manuals for Mobile Fortify, ICE’s new facial recognition app which allows officers to instantly look up DHS, State Department, and state law enforcement databases by just pointing a phone at someone’s face.

Three perfect 10s in the last month - ISE, ISE, baby Cisco has issued a patch for a critical 10 out of 10 severity bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, remote attacker to run arbitrary code on the operating system with root-level privileges. …

Silk Road criminal tipped police off to dirty cop who stole 50 seized bitcoins.

Computer scientist Peter Gutmann tells The Reg why it's 'bollocks' The US National Institute for Standards and Technology (NIST) has been pushing for the development of post-quantum cryptographic algorithms since 2016.…

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

Comments