It should be the case that in the business world systems deliver for the customer. But often there can be conflict between what the customer wants -- usability and feeling valued -- and what the developer is looking to provide -- technical mastery, collaboration and self-serve capabilities. We spoke to Gilad Shriki, co-founder of Descope to discover how enterprises can satisfy the needs of both. BN: What is developer and customer onboarding and why is it important? GS: Developer onboarding is the process of integrating new developers into a new software project and customer onboarding is the p ..read more

Exciting news for Linux enthusiasts: Ubuntu Linux 24.10, codenamed "Oracular Oriole," has officially released its daily images for public testing. This release is designed for developers and testers who are eager to get a first look and provide feedback on the upcoming features of this new Ubuntu release. As of today, the latest build, dated May 9, 2024, is available for download. This continuous development cycle is a crucial part of Ubuntu’s development philosophy, providing a transparent process that allows both developers and users to participate in refining and enhancing the system before ..read more

Patching is something that we all know we have to do. But it is easier said than done. In reality, patching can be hard due to problems around application compatibility, having adequate downtime windows, or more pressing business risks to manage. This can lead to some very serious software problems being left open and vulnerable to exploitation. Here are three examples of common software vulnerabilities that existed for years with updates available, yet are still regularly targeted by threat actors. Example #1 -- CVE-2020-1472 Zerologon is an unauthenticated privilege escalation that can be us ..read more

A new report from Fortinet shows that the second half of 2023 saw attackers increase the speed with which they capitalized on newly publicized vulnerabilities. Attacks were carried out 43 percent faster than 1H 2023, starting on average 4.76 days after new exploits were publicly disclosed. But despite getting better at spotting new exploits cybercriminals are also continuing to target old ones. FortiGuard Labs observes threat actors exploiting some vulnerabilities that are more than 15 years old. Derek Manky, chief security strategist and global VP threat intelligence at FortiGuard Labs says ..read more

In The DevSecOps Playbook: Deliver Continuous Security at Speed, Wiley CISO and CIO Sean D. Mack delivers an expert analysis of how to keep your business secure, relying on the classic triad of people, process, and technology to examine -- in depth -- every component of DevSecOps. In the book, you'll learn why DevSecOps is as much about people and collaboration as it is about technology and how it impacts every part of our cybersecurity systems. You'll explore the shared responsibility model at the core of DevSecOps, as well as the people, processes, and technology at the heart of the fra ..read more

The latest Email Threat Trends report from VIPRE Security Group identifies the US as the top source of spam emails globally, followed by the UK, Ireland, and Japan. The US, UK, and Canada are the top three countries most subjected to email-based attacks. Looking at targets, the manufacturing, government, and IT sectors are the most attacked by malicious actors. In Q1 2024, the manufacturing sector suffered 43 percent of email-based attacks, with government (15 percent) and IT (11 percent) trailing well behind. This is a change from Q1 2023, when attackers targeted the financial (25 percent), h ..read more

Used for productivity, generative AI offers unprecedented potential to improve the performance and impact of modern software solutions. One of its major capabilities is that it lowers the barriers to entry for those without software development knowledge and experience. While this has its advantages, in the wrong hands, it can also be dangerous. GenAI has also raised the stakes for those looking to protect users against social engineering, with increasingly sophisticated and compelling scams making it more difficult than ever to filter genuine communication from fake. The commoditization of di ..read more

In the ever-evolving world of storage solutions, Sabrent has launched a new offering: the Rocket NANO 2242 M.2 SSD (SB-2142-1TB). This drive (available here now) may be compact, but it packs a significant punch, specifically designed for space-limited devices like the Lenovo Legion Go and Lenovo ThinkPads, among others. The Rocket NANO 2242 stands out due to its size and compatibility. Though primarily designed for M.2 2242 slots, it offers flexibility with an extendable option to M.2 2280, catering to a broader range of motherboard configurations and portable devices. It also supports most ad ..read more

A new study from Prevalent shows third-party Breaches have risen 49 percent year-on-year, increasing threefold since 2021. The survey of IT professionals conducted in February and March this year shows 61 percent of companies experienced a third-party data breach or cybersecurity incident last year. "What stands out in our report isn't only the number of breaches, which is the highest we’ve tracked, but also the scale," says Prevalent CEO Kevin Hickey. "Breaches in 2023 impacted huge supply chains -- from Okta and LastPass to Change Healthcare and PJ&A -- exposing sensitive records of mill ..read more

Microsoft has unveiled a substantial $3.3 billion investment in Southeast Wisconsin, aimed at bolstering the region's stature as a leading center for AI-driven economic growth, innovation, and job creation. Today, Microsoft President Brad Smith, alongside President Joe Biden, made the announcement at Gateway Technical College, heralding a new era for the state's economic landscape. Brad Smith, Microsoft's Vice Chair and President, shared his enthusiasm for the initiative, stating, "Wisconsin has a long legacy of manufacturing excellence. We are excited to harness AI to propel the next generati ..read more