Technology

forgerock

Six Terms to Up Your IoT Vocabulary

You know that uncomfortable feeling in the pit of your stomach when you didn’t study for the test and you think you’ll get a failing grade? You stare blankly at the test questions and feel completely lost and adrift. It’s like having a conversation with a colleague who casually drops a term or acronym related to the Internet of Things (IoT), and you suddenly find yourself on unfamiliar ground.

netskope

Cloud Threats Memo: Watch Out for Google Forms Cloud Phishing

Google Forms is one of the preferred tools used by cybercriminals to quickly set up and deliver phishing pages. We have seen examples of Google Forms pages mimicking Microsoft Office 365 logins (one of the preferred imitated applications), financial institutions like American Express, and in general any applications. Despite the naïve layout, the tool is flexible enough to build an (un)realistic login page with few clicks.

wandera

Pegasus spyware slipping into mobile devices unnoticed. Time to take mobile security seriously.

An investigation titled the Pegasus Project by 17 media organizations and Amnesty International’s Security Lab uncovered that surveillance software from NSO Group purportedly used by governments to target criminal and terror suspects is actively being utilized to target journalists, activists and dissidents. As a result, the security industry has dubbed this, the Pegasus Spyware, which bears a remarkably similar resemblance to the recent spyware activity surrounding FinSpy.

Snyk

Four steps for hardening Amazon EKS security

In the first part of this blog series, we explored deploying Amazon EKS with Terraform, and looked at how to secure the initial RBAC implementation along with securing the Instance Metadata Service. In this second post, we’ll look at more best practices to harden Amazon EKS security, including the importance of dedicated continuous delivery IAM roles, multi-account architecture for Amazon EKS cluster isolation, and how to encrypt your secrets in the control plane.

lookout

Protect Yourself from Powerful Pegasus Spyware

Note from the author: This write-up is meant to provide an overview on Pegasus, why you should be concerned, how Lookout can help protect you and what actions security admins should take. For additional information, please read our full technical report. Lookout Customers: If you believe your organization or one of your employees has been compromised by Pegasus, please reach out to our support team immediately.

netskope

July 2021 Netskope Cloud and Threat Report

The July 2021 Netskope Cloud and Threat Report is the latest installment of our research analyzing critical trends in enterprise cloud use, cloud-enabled threats, and cloud data transfers.  Enterprise cloud usage continues to rise, driven by collaboration and consumer apps, a continuation of a trend that started at the beginning of the COVID-19 pandemic and continues through today, as 70% of users on the Netskope Security Cloud continue to work remotely.  At the same time, attackers continu

devo

How Devo Is Working with Google Cloud IDS to Deliver Greater SOC Visibility with Integrated Security Tools

As the only cloud-native logging and security analytics platform that enables organizations to take full advantage of all of their data to run and secure their business, Devo is committed to working with other leading security technology providers to bring advanced capabilities to our customers. That’s why we’re pleased to announce an integration with Google Cloud IDS.

tripwire

Top 5 NCSC Cloud Security Principles for Compliance

There are many important factors to consider when choosing a cloud provider for your cloud use cases. For organizations in heavily regulated industries, compliance with relevant regulations is one of the most important things to think about. Whether you’re planning for a single cloud workload or a hybrid multi-cloud setup, maintaining compliance for sensitive data in the cloud is imperative.