Threats

Vulnerability Warning

Episode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons

In this episode of the podcast (#190), sponsored by LastPass, Larry Cashdollar of Akamai joins us to talk about how finding his first CVE vulnerability, more than 20 years ago, nearly got him fired. Also: Katie Petrillo of LastPass joins us to talk about how some of the security adjustments we’ve made for COVID might not go away any time soon.

5G Tower

Opinion: Staying Secure Through 5G Migration

To achieve their 5G transformation, telecommunications providers require security solutions and platforms built from the ground up for modern, dynamic business models.

Developer in darkened room

Podcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan Hunt

The pandemic isn’t the only thing shaking up development organizations. Application security is a top concern and security work is “shifting left” and becoming more intertwined with development. In this podcast, Security Ledger Editor in Chief Paul Roberts talks about it with Jonathan Hunt, Vice President of Security at the firm GitLab.

Adobe Lock Concept

Public Sector Mega-Vendor Tyler Technologies Says It Was Hacked

Tyler Technologies, the U.S.’s largest provider of software and services to the public sector said on Wednesday that it was hacked by unknown assailants, who gained “unauthorized access” to the company’s IT and phone systems. Tyler, which sells software that supports a wide range of public sector functions such as permitting, inspections, 311 systems and utility billing said that it has hired independent IT experts to investigate the incident. The company’s MUNIS ERP (enterprise resource planning) technology is widely used by local governments across the U.S. “We are treating this matter with the highest priority and working with independent IT experts to conduct a thorough investigation and response,” wrote Matt Bieri, the company’s Chief Information Officer in an email obtained by The Security Ledger. Tyler is also working with law enforcement. The company’s web page displayed a message saying it was “temporarily unavailable” Wednesday evening. In the email message to […]

Hooded Hacker Concept

As Election Day Nears, Kremlin Leans on Hackers-for-Hire

The DOJ indicted a Russian national for his role in a campaign to undermine the U.S. election…and mine some cryptocurrency along the way. It is the latest evidence of Russia’s willingness to use cyber criminals to conduct state-sponsored espionage.