Sonatype Acquires Vor Security to Expand Nexus Open-Source Component Support

Sonatype announced the acquisition of Vor Security to extend their open-source component intelligence solutions’ coverage to include Ruby, PHP, CocoaPods, Swift, Golang, C, and C++. Sonatype, well known as the creators of artifact repositories Apache Maven and Nexus, have extended their previously Java, JavaScript, .Net and Python centric component intelligence capabilities to include the new … Read more

From BlackEnergy to ExPetr

To date, nobody has been able to find any significant code sharing between ExPetr/Petya and older malware. Given our love for unsolved mysteries, we jumped right on it. Read full news article on Exploit This  

Food Supplier Passes Squid Off as Octopus

Food Supplier Passes Squid Off as Octopus According to a lawsuit (main article behind paywall), “a Miami-based food vendor and its supplier have been misrepresenting their squid as octopus in an effort to boost profits.” Tags: Read full news article on Schneier on Security  

So You Think You Can Spot a Skimmer?

This week marks the 50th anniversary of the automated teller machine — better known to most people as the ATM or cash machine. Thanks to the myriad methods thieves have devised to fleece unsuspecting cash machine users over the years, there are now more ways than ever to get ripped off at the ATM. Read … Read more

The ‘slow-burn’ cost of a cyber attack

Businesses have been warned that they may be hit for damages in multiple ways after being affected by a cyber-attack. A new report by Lloyd’s of London says there are two different costs linked to a cyber-attack: Read full news article on BetaNews  

How to Achieve Continuous Container Security for Your CI/CD Pipeline

Integrate and Automate Security in Your Build, Ship, & Run Processes As enterprises move quickly to deploy containers and microservices with a continuous integration and delivery (CI/CD) pipeline, security often becomes an afterthought. DevOps and security teams should also strive to achieve continuous container security in the pipeline. Read full news article on DABCC  

8 Things Every Security Pro Should Know About GDPR

In just under one year, the European Union’s General Data Protection Regulation (GDPR) will formally begin being enforced. The statute requires any company, or entity, that handles personal data belonging to EU residents to comply with a broad set of requirements for protecting the privacy of that data. Read full news article on dark READING … Read more