VMware announced that it completed the acquisition of Pivotal Software, a cloud-native platform provider. “We believe that modern application development solutions and practices need to be easily accessible to everyday enterprises across the globe. With Pivotal’s developer capabilities as the foundation, we’ll focus on delivering consumable, enterprise-ready cloud native offerings to customers to help them … continue reading
Mastercard announced an agreement to acquire RiskRecon to help financial institutions, merchants and governments to secure their digital assets. With RiskRecon’s AI and data-driven technology is designed to help organizations proactively manage cyber risks and better safeguard intellectual property and consumer and payment data. “By becoming part of their team, we have an opportunity to … continue reading
Software applications have become significantly more complex over the past decade. This bodes well for the creation of new application-based business opportunities and additional customer touchpoints, however increased software complexity also opens the door for more malicious attacks and high-impact data leaks. Ever-nimble and determined threat actors are reinventing their approaches to align with current … continue reading
In a year where data breaches at Facebook have seen no signs of slowing down, another blow has been dealt. A reported 267 million Facebook user IDs and phone numbers were exposed online for anyone to access without a password or any authentication. Most of the records affected users from the United States. The UK … continue reading
Apple announced a bug bounty program that rewards up to $1,500,000 on finding issues that occur on the latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS with a standard configuration. In addition, Apple said it offers public recognition for those who submit valid reports and will match donations of the bounty payment … continue reading
XebiaLabs announced the release of its DevOps Platform version 9.5. This release is designed to provide business-level insight into complete software releases. The new release includes a Delivery Patterns feature, which synchronizes the delivery of business applications across technical release pipelines, according to the company. With Delivery Patterns, users can track business applications, synchronize component … continue reading
The JavaScript package manage provider npm has found a security vulnerability that can open access to arbitrary files on a user’s system. According to the company, npm versions prior to 6.13.4 made it possible for a globally-installed package to overwrite an existing binary in the target location. Npm is recommending an to update to npm … continue reading
Security has hit a low point this year, as 2019 saw the 2nd, 3rd and 7th biggest breaches of all time measured by the number of people that were affected. The largest breach of the year occurred in May when First American Financial Corporation leaked 885 million records of documents related to mortgage deals going … continue reading
Software company Solo.io launched the WebAssembly Hub to allow users to easily add new functionalities to their service mesh. “At Solo.io, we believe that extending the functionality of your service mesh should be simple and secure,” said Idit Levine, founder and CEO of Solo.io. “This is why we’re excited about integrating Wasm with Envoy Proxy. … continue reading
As mobile APIs become more full-featured and rich, they become more dependent on data, key stores and connectivity profiles that can result in new vectors of attack. This drives the need for better security and best practices to patch up those vulnerabilities. Gartner expects that API abuse will be the number one attack vector for … continue reading
Check Point announced that it will be integrating serverless security technology into its Infinity architecture, its security solution designed to support networks, mobile, endpoint, IoT and cloud environments. The serverless security technology is provided by Protego and designed to prevent malicious attacks on serverless functions in runtime and prevent vulnerable code from being deployed into … continue reading
The Contract for the Web is officially coming to life. The contract was created by web inventor Sir Tim Berners-Lee as a global plan of action to make the online world safer and accessible by anyone. “The power of the web to transform people’s lives, enrich society and reduce inequality is one of the defining … continue reading
