A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. There was me at the early part of the week thinking not much earth shattering infosec the previous week and hoping for some excitement this week. And what happens? Yes something comes along. First being a happy day of no social media.
On Monday, October 4, 2021, Facebook suffered a prolonged outage when, during routine maintenance, all connections to their global backbone network were mistakenly taken down. More details on the cause and response to the outage are available on the Facebook blog. At Netskope, we help secure the cloud and web traffic of millions of users worldwide. In this blog post, we provide a glimpse into what the Facebook outage looked like from our perspective.
Although the typical use case of SSH is to access a remote server securely, you can also transfer files, forward local and remote ports, mount remote directories, redirect GUI, or even proxy arbitrary traffic (need I say SSH is awesome?). And this is just a small set of what’s possible with SSH.
The entitlement review definition is simple: a review of user access permissions and other rights. The goal of a user entitlement review is to ensure that each user in the IT environment has access to the data they need to do their job and nothing more — the principle of least privilege. A structured and regular entitlement review process helps mitigate security risks and protect sensitive data.
Cybersecurity Awareness Month is now in its 18th year. Hosted by the CISA and National Cybersecurity Alliance (NCSA), the event’s goal is to raise awareness about the importance of cybersecurity and to ensure all Americans have the resources they need to keep their data secure. This year, Devo is one of the 2021 champion organizations for Cybersecurity Awareness Month.
The past two years have sure made everyone rethink and reimagine the way businesses must run. These years have been marked by resilience and reinvention. And, for many digital and digitally enabled startups, it’s been a year of remarkable growth. Almost all startups restructured their companies and significantly reduced costs. Many had to explore new distribution channels or new customer segments. Omnichannel consumer brands shifted completely online.
The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved traditional network boundaries. Today, the network perimeter has evolved as workloads have moved to the cloud while non-managed, mobile devices have become the norm rather than the exception. The location of applications, users, and their devices are no longer static. Data is no longer confined to the corporate data center.
A problem that is often discussed in the context of policy-as-code is how to get more people other than developers involved in policy authoring. Policy as code is still code, and while tooling and abstractions can help to some extent, the process still involves at least some level of development knowledge.
