All posts in Security News

Mar 03, 2021 One of the most common ways cybercriminals breach enterprises is by finding security vulnerabilities in the applications they use. The last year delivered a plethora of security challenges. Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software . . . Read more

Commentary: Enterprises want their vendors to contribute to open source projects, but code is just the beginning. Image: iStock It turns out customers care about code contributions. At least, that’s one finding in the latest State of Enterprise Open Source report that Red Hat just released. The report’s author, Gordon . . . Read more

Apprenti works with tech companies in 15 states to expand the pipeline of software engineers, cloud administrators and data analysts. Image: IQoncept/istock Tech leaders who want to fill open jobs and hit diversity goals should test a new hiring strategy: Apprenticeship programs. Companies that can start hiring people based on . . . Read more
Attackers have weaponized code dependency confusion to target internal apps at tech giants. Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow (among others) inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept (PoC) code dependency-confusion . . . Read more
The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, brand new ransomware strain and extortion tactics. The Russian-speaking group behind the infamous RTM banking trojan is now packing a trifecta of threats as it turns up the heat – part of . . . Read more
Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk. That photo that appears when someone disables his or her Zoom video, or those photos of a remote worker’s home office shared on Instagram may seem innocuous and playful. However, . . . Read more

Google announced its UI toolkit for cross-platform app development in 2018. On Wednesday, the company announced Flutter 2 and the availability of Dart 2.12. Image: Google In 2018, Google announced Flutter, the company’s UI toolkit for cross-platform app development. On Wednesday, Google announced Flutter 2, extending the toolkit to additional . . . Read more

Your Kubernetes YAML files need validation. Jack Wallen shows you a very easy tool that can drastically simplify that task. Image: Jack Wallen Must-read cloud If you’ve been navigating the waters of Kubernetes, you know how challenging it is. Not only are there a lot of moving parts, your pod . . . Read more

Use these six shortcuts to select Table elements and insert columns and rows quickly in Microsoft Excel, making your use of Tables that much easier. Image: iStock/muchomor More about Windows You’re probably familiar with selection shortcuts in Microsoft Excel. There are several that select text, sentences, whole paragraphs, and so . . . Read more

With so much automation in code writing process, results are rarely double-checked, which opens the door to vulnerabilities and downright danger. As the fallout from the SolarWinds hack broadens, we continue to learn more about just how it happened in the first place. There have now been four malware strains identified, . . . Read more