Security update live blog

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $ 10.99/£10.99.

Nordsec adds encrypted cloud storage for business offer

NordLocker

(Image credit: NordLocker)

Just days after it announced that it had received investments of $ 100 million, Nordsec, the holding company for the popular NordVPN, has added yet another product to its portfolio. Nordlocker for business is its second product that targets the multi-billion dollar enterprise security market. After NordLayer, NordLocker is a secure cloud storage service that competes with the likes of Wasabi.

“We introduced NordLocker as a robust file encryption tool in 2019. Since then, the product has undergone a few solid development phases and is now positioned as an end-to-end encrypted cloud storage option with a file encryption solution,” says Aivaras Vencevicius, head of product at NordLocker. “It was only natural for us to move forward and launch an encrypted cloud service for business clients to offer a secure, convenient, and cost-effective way to store and manage their data.”

TechRadar – All the latest technology news

Read More

Security update live blog

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $ 10.99/£10.99.

Nordsec adds encrypted cloud storage for business offer

NordLocker

(Image credit: NordLocker)

Just days after it announced that it had received investments of $ 100 million, Nordsec, the holding company for the popular NordVPN, has added yet another product to its portfolio. Nordlocker for business is its second product that targets the multi-billion dollar enterprise security market. After NordLayer, NordLocker is a secure cloud storage service that competes with the likes of Wasabi.

“We introduced NordLocker as a robust file encryption tool in 2019. Since then, the product has undergone a few solid development phases and is now positioned as an end-to-end encrypted cloud storage option with a file encryption solution,” says Aivaras Vencevicius, head of product at NordLocker. “It was only natural for us to move forward and launch an encrypted cloud service for business clients to offer a secure, convenient, and cost-effective way to store and manage their data.”

TechRadar – All the latest technology news

Read More

Microsoft launches special Office 365 bundle for maximum security

Microsoft has announced it will launch a new version of its Office 365 productivity bundle, designed specifically for government and intelligence agencies.

The tailor-made collaboration suite, called Office 365 Government Secret, is currently pending accreditation and should be available by mid-2022.

Announcing the news in a blog post, Microsoft CVP Paul Lorimer noted that today’s governments face many challenges, “including increasing employee engagement and productivity with the latest tools, securing and controlling sensitive data, and managing multiple applications, devices, and workloads”.

Add in a heightened demand for security and you end up with a major market in need of “secure, productive, and efficient cloud options”.

TechRadar needs you!

We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.

>> Click here to start the survey in a new window <<

Supporting government agencies

Office 365 Government Secret is built to support the US Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and US government partners working within the Secret enclave, Lorimer added.

“With the launch of this new environment supporting Impact Level 6 (IL6), we’re adding to the comprehensive set of Office 365 Government cloud offerings to help meet the full spectrum of government data needs.”

This new productivity suite will run the latest enterprise-grade Office 365 Government productivity, security, compliance, and collaboration applications, it was added. 

This is not the first time Microsoft has built custom solutions exclusively for government agencies. In August last year, the company announced the general availability of Azure Government Secret and Top Secret clouds.

Launched with more than 60 initial services (with more in the pipeline), the product was built to “accelerate the delivery of national security workloads classified at the US Top Secret level”. Microsoft also has more than 73 services under Azure Government Secret.

Those that plan to deploy Office 365 Secret environment should engage with their onboarding teams, the company said, in order to be ready when the final authorization is given.

TechRadar – All the latest technology news

Read More

GitHub wants to help developers spot security issues before they get too serious

In an effort to further secure open source software, GitHub has announced that the GitHub Advisory Database is now open to community contributions.

While the company has its own teams of security researchers that carefully review all changes and help keep security advisories up to date, community members often have additional insights and intelligence on CVEs but lack a place to share this knowledge.

This is why GitHub is publishing the full contents of its Advisory Database to a new public repository to make it easier for the community to leverage this data. At the same time, the company has built a new user interface for security researchers, academics and enthusiasts to make contributions.

All of the data in the GitHub Advisory Database is licensed under a Creative Commons license and has been since the database was first created to ensure that it remains free and usable by the community.

Contributing to a security advisory

In order to provide a community contribution to a security advisory, GitHub users first need to navigate to the advisory they wish to contribute to and submit their research through the “suggest improvements for this vulnerability” workflow. Here they can suggest changes or provide more context on packages, affected versions, impacted ecosystems and more.

The form will then walk users through opening a pull request that details their suggested changes. Once this done, security researchers from the GitHub Security Lab as well as the maintainer of the project who filed the CVE  will be able to review the request. Contributors will also get public credit on their GitHub profile once their contribution has been merged.

In an attempt to further interoperability, advisories in the GitHub Advisory Database repository use the Open Source Vulnerabilities (OSV) format. Software engineer for Google's Open Source Security Team, Oliver Chang provided further details on the OSV format in a blog post, saying:

“In order for vulnerability management in open source to scale, security advisories need to be broadly accessible and easily contributed to by all. OSV provides that capability.”

We'll likely more on this change to the GitHub Advisory Database once security researchers, academics and enthusiasts begin making their own contributions to the company's database.

TechRadar – All the latest technology news

Read More