Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A thriving hacker has been found to be posting a college database showcasing it to be a breach. This happened to one of the colleges in the southern region of India, Kerala. Necessary measures have been taken to keep them up to date! The college’s information was found to be floating around on the Dark Web. These data seem to be highly sensitive. These data could be acquired by any human being for just a few thousand.

APT hackers turn to malicious Excel add-ins as initial intrusion vector, PurpleUrchin bypasses CAPTCHA and steals cloud platform resources, and Russia’s Turla APT piggybacks on other hackers’ USB infections.

A shared object refers to the code, which is shared across different programs instead of being replicated manually for each program. Here, the permanent shared objects are the codes that are bound to remain active in the system’s memory even after the program is over. The main purpose of creating the permanent shared objects is to ensure that these codes are stored in the memory and can be re-used multiple times as and when required.

Third party risk assessment is the process of evaluating and managing the risks associated with engaging third parties. It involves identifying, assessing, and mitigating potential risks that could arise from working with external vendors or partners. The goal of this type of assessment is to ensure that any risks posed by these relationships are minimized or eliminated altogether.

In the event that there was a malicious actor who wanted to disable a country or state's power supply, the utility sector would be one of the first targets of this attack as seen in the Moore County power outage and the recent attacks on Portland’s infrastructure. Whenever stakes are this critical, it is essential that security is prioritized throughout the systems and processes involved in such matters.

A common topic in our blog is the threat that insiders pose to an organization’s sensitive data. Why? ‘Insider threats’ continue to pose the biggest threats to intellectual property (IP) and military secrets. Insiders, including contractors, need access to sensitive information to do their job, but to what extent? How can we prevent sensitive information from being exfiltrated by malicious insiders?

Kubescape, an end-to-end open-source Kubernetes security platform, embarks on a new journey. Kubescape, created by ARMO, will fully migrate to the CNCF. This coincides with the launch of ARMO Platform, a hosted, managed security solution powered by Kubescape.

Kubernetes adoption has rocketed into ubiquity. At this point, 96 percent of organizations are either using Kubernetes for container orchestration or evaluating its use, according to the latest Cloud Native Computing Foundation annual survey. But this doesn’t mean that Kubernetes isn’t without security risks. The flexibility of container applications and their capability to carry discrete components that interact over the network present security challenges.