A pathway to the cloud: Analysis of the Reserve Bank of New Zealand’s Guidance on Cyber Resilience
The Reserve Bank of New Zealand’s (RBNZ’s) Guidance on Cyber Resilience (referred to as “Guidance” in this post) acknowledges the …
Analysis
Countdown to Ransomware: Analysis of Ransomware Attack Timelines
Intelligence & Analytics May 26, 2022 Black Basta Besting Your Network? This post was written with contributions from Chris Caridi and Kat …
CISA Releases Analysis of FY21 Risk and Vulnerability Assessments
CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted …
Vicarius Nmap Scan Analysis helps security professionals identify high risk assets
Vicarius released a new free offering—Nmap Scan Analysis—to make vulnerability assessment, prioritization, and remediation available to …
Researchers Share In-Depth Analysis of PYSA Ransomware Group
An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software …
How to Build a Custom Malware Analysis Sandbox
Before hunting malware, every researcher needs to find a system where to analyze it. There are several ways to do …
Analysis of leaked Conti files blows lid off ransomware gang
It was a Ukrainian security specialist who apparently turned the tables on the notorious Russia-based Conti, and leaked the ransomware …
Invicti Security Adds Software Composition Analysis to Its Industry- Leading AppSec Platform
AUSTIN, TX – Feb. 28, 2022 – With headline-grabbing vulnerabilities such as Log4Shell drawing attention to the risks presented by …
AdaCore GNAT Dynamic Analysis Suite helps customers build critical software systems
AdaCore released its new GNAT Dynamic Analysis Suite – a bundle of analysis, testing, verification, and code coverage technologies to …
Hackers Using New Malware Packer DTPacker to Avoid Analysis, Detection
A previously undocumented malware packer named DTPacker has been observed distributing multiple remote access trojans (RATs) and …
2022 Forecast: What’s Next for Tech Workers?
These past two years will stand as the weirdest and wildest any software developer, engineer, architect, or their managers have ever lived …
How to Find Dangerous Log4j Libraries
The Apache log4j logging library has become the COVID-19 of technology. No sooner than we fix one version than another pops up to annoy …
Analysis: Log4j Vulnerability Highlights the Value of Defense-in-Depth, Accurate Inventory
The early lessons from Log4j indicate that key security principles can help better handle these high-risk software supply chain security …
Log4Shell: We Are in so Much Trouble
The open source Java logging library Apache Log4j is used a lot. And, when I say a lot, I mean it’s used in hundreds of …