Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Recently, millions of Kia vehicles were affected by a vulnerability that allowed malicious actors to control them remotely, simply by using the vehicle license plate number. This incident invites reflection on how the endpoint notion has changed in recent years, expanding far beyond the computers and cell phones we traditionally protected.

Jira is a project management and issue-tracking solution that helps teams work together on projects. Created by Atlassian, it offers various tools to help companies organize tasks, communicate effectively, and track project progress. Jira is suitable for software development, IT services, business tasks, and customer support. Its flexibility makes it adaptable to different types of work.

Recently, we researched a project on Portainer, the go-to open-source tool for managing Kubernetes and Docker environments. With more than 30K stars on GitHub, Portainer gives you a user-friendly web interface to deploy and monitor containerized applications easily. Since Portainer is an open-source, we thought CodeQL, an advanced code analysis tool, be a good fit to check its codebase for any security issues.

As retailers prepare for a season of high-demand online shopping, the risks of cyberthreats continue to grow, much like the need for increased security in a bustling mall on busy shopping days. In today’s retail landscape, identity security serves as the “mall security team” of the digital world—working behind the scenes to protect customer trust and to help ensure seamless, secure shopping experiences.

The legal department plays a crucial role in enhancing enterprise security profiles. Historically, legal and cybersecurity departments have been siloed from one another in organizations both large and small. With security now a concern at the Board level, legal’s role in enterprise risk management – advising on threats and potential liability – must include the impact of data security threats.

Telegram, with over 700 million users globally, is widely known for its privacy features, but its lack of strict moderation has made it a favored platform for cyber criminals. Over recent years, the platform has been linked to illegal activities, including drug and weapons trafficking, child exploitation, and cyber crime operations like phishing, malware distribution, and stolen data trading.

Beware! Remote work and the variety of collaboration tools are making it easier than ever to access and share data, leaving sensitive information at risk from data vampires. Today, we share an old dark tale for you, but just as in Grimm’s fairy tales, the lessons are still frightfully relevant.

Passwords are required to do practically everything, from watching TV and accessing your phone to making a doctor’s appointment and paying your electric bill. Without a password manager, it’s virtually impossible to remember all of your passwords, particularly if you’re using strong and unique ones for each account.

On October 31st, 2024, another package compromise and cryptocurrency hijack story unfolded for a popular npm package.

It’s almost time for KubeCon North America, and we’re excited to share the latest updates in Calico. These updates improve network and runtime security, make it easier to use, and extend Calico’s strong network security and observability for Kubernetes to VMs and hosts that are not part of Kubernetes clusters.