Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As I mentioned at the beginning of this year, I am trying to do a monthly blog post on what might be termed “Major Security Events”. In particular this year, I’ve written about the Ivanti meltdown, Lockbit ransomware, and the xz backdoor. These events usually emerge cacophonously and suddenly into the cybersecurity landscape, and generally get everyone’s attention “real quick”.

Read also: Alleged boss of cybercrime gang responsible for Twilio, LastPass, DoorDash breaches arrested, former employee gets prison sentence for wiping 180 virtual servers, and more.

Managed service providers tell us they see great opportunity from so many businesses migrating to SASE. But many struggle to take advantage of it. Why is that? In this post, we’ll examine why service providers can find it hard to build a Managed SASE (MSASE) service, and four things they need when launching one.

Scammers are now impersonating legitimate services like Booking.com and Kayak to target people planning their summer vacations. One out of every 33 vacation-themed domains registered last month was malicious, researchers at Check Point warn. “In May 2024, Check Point Research (CPR) detected a significant surge in summer-related cyber scams, highlighting the need for travelers to stay informed and proactive in safeguarding their personal information,” the researchers write.

In this mad, mad world of breaches, organizations are scrambling to keep their heads above water. It's like trying to navigate a minefield while blindfolded and riding a unicycle — one wrong move, and everything goes up in flames. So, how do you know your security controls are up to the task of defending your organization? This is where red teaming comes in.

On March 31st, 2024, The Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI Data Security Standard (PCI DSS) with the publication of its new sets of protocols and security standards for v4.0. With the continued rise in cyber threats against financial services and institutions, PCI DSS v4.0 supersedes version 3.2.1 to tackle evolving threats and technologies, facilitating enhanced approaches to counteract emerging types of cyber attacks.

Written by Jaye Tillson, Field CTO, Distinguished Technologist, HPE Aruba Networking The retail industry is undergoing a digital revolution. From online shopping with one-click purchases to in-store kiosks offering personalized recommendations and mobile point-of-sale systems allowing for seamless checkout. As a result of this interconnectedness, customer data is flowing across a complex and ever-expanding network, which is beneficial for convenience and customer experience.

When it comes to SaaS operation, the ability to respond swiftly to technical glitches and potential failures can mean the difference between a minor hiccup and a full-blown crisis. At Cyberint, we’re always on the lookout for out-of-the-box solutions to enhance our operational efficiency and ensure the highest level of service reliability.

As regulation and reporting requirements become increasingly stringent, it’s more important than ever for organizations to have powerful, streamlined access to Web3 accounting and financial data. To meet the growing demand in this space, Fireblocks has teamed up with TRES Finance to offer customers the ability to completely automate Web3 accounting, taxes, and auditing.

As a powerful and widely adopted open-source platform, the complexity of Kubernetes is not to be underestimated. Managing a Kubernetes environment requires a deep understanding of how its various components interact, especially when it comes to observability and security. This blog post will delve into the intricacies of golden signals in Kubernetes, their connection to security issues, and how they can be leveraged to safeguard a Kubernetes environment against common attack chains.