by Azalio tdshpsk | Mar 13, 2024 | Security
The US federal government has released a software attestation form intended to ensure that software producers partnering with the government leverage minimum secure development techniques and tool sets.The form was announced March 11 by the Department of Homeland...
by Azalio tdshpsk | Mar 12, 2024 | Security
JetBrains has released fixes for two critical security vulnerabilities in its TeamCity On-Premises CI/CD system discovered by cybersecurity company Rapid7.The two vulnerabilities reported in late-February by Rapid7 would enable an authenticated attacker with HTTP(S)...
by Azalio tdshpsk | Mar 1, 2024 | Security
President Joseph Biden has issued an executive order intended to protect Americans’ sensitive personal data from exploitation from countries of concern including China, Russa, Iran, and North Korea.Issued February 28, the order authorizes the attorney general to...
by Azalio tdshpsk | Mar 1, 2024 | Security
GitHub has begun rolling out push protection for all of its users, a secrets scanning feature that gives users the option to remove secrets from commits or bypass a block.The policy, announced February 29, affects supported secrets. It might take one to two weeks for...
by Azalio tdshpsk | Feb 29, 2024 | Security
With the growth of sophisticated attacks against critical software and infrastructure systems, multi-factor authentication (MFA) has emerged as a critical layer of defense against unauthorized access. An increasing number of enterprise and developer-facing technology...
by Azalio tdshpsk | Feb 28, 2024 | Security
Nearly three-quarters of codebases assessed for risk by Synopsis in 2023 contained open source components with high-risk vulnerabilities, according to a just-released report from the company, a provider of application security testing tools.While the number of...
