SEARCH
Archive
BeyondProd Lays Out Security Principles for Cloud-Native Applications
First, it was Beyond Corp, to shift security away from the perimeter and onto individual users and devices. Now it is BeyondProd, to apply zero-trust principles to cloud-native applications and workloads that rely on microservices and communicate primarily over APIs.
Google to Pay for Security Upgrades in Open Source Projects
Google is amending its patch reward program to provide up-front financial support for open source projects that need money to make security improvements.
Google to Restrict App Access to G Suite Accounts
Google will limit the ability of LSA to access G Suite accounts starting in June, to protect users from account hijacking attempts. The change is to encourage using apps that rely on OAuth 2.0.
Chrome Adds Warning for Compromised Passwords
Google has integrated its Password Checkup functionality into Chrome 79 to warn when people use compromised credentials.
StrandHogg Bug Plagues Android
Many versions of Android, including Android 10, have a weakness dubbed StrandHogg that can lead to credential phishing and other malicious actions.