Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the past decade, we’ve seen a massive shift towards relying on cloud technologies for everything we do, from watching TV shows and movies to sharing photos. Organizations have done the same. To increase efficiency and availability, they have moved their data and workloads to the cloud. But in a world of expanding threats, it has become necessary to implement additional layers of security for cloud data, applications and services to ensure privacy remains a top priority.

On February 11, 2020, Offensive Security introduced a major overhaul and update to their already fantastic course: Penetration Testing with Kali Linux. Those changes included updates to their lab environment. The study materials were substantially updated, with additional material including entire new sections on Bash Scripting, Active Directory Attacks, and PowerShell Empire.

Confluence is one of Atlassian’s most popular collaboration tools, a team workspace where users can create, capture, and coordinate on a variety of project types. Confluence’s role as a hub for sharing documents and creating templates means that, for many organizations, some of their most confidential data may live within their Confluence spaces.

As the pandemic continues to impact businesses all over the world, new challenges have emerged for business leaders - particularly in the retail and consumer sectors of the market. At Rubrik, we partner with leading global system integrators and delivery partners to solve the most difficult challenges enterprises face in these verticals.

If you were asked to list out the top problems society has been facing in 2020, cyberattacks on the maritime industry might not be an obvious issue that would come to mind. But the industry has seen a worrying trend in recent months, as a spike in cyberattacks that has left some of the biggest companies in the industry exposed. Specifically, both the fourth largest global shopping company and the International Maritime Organization (IMO) have been targeted in these attacks.

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

OWASP A1 (Injection) covers diversified injection vulnerabilities and security flaws including SQL and NoSQL injections, OS command injection and LDAP query manipulations.