If you attended SnykCon 2021, you may remember our inaugural CTF: Fetch the Flag. In this CTF, TopLang was a web challenge of medium difficulty that we received a lot of positive feedback about. So for those of you that loved it, this write-up explains how our team internally approached tackling and solving this challenge. This challenge was a pretty typical example of what is known as an “oracle attack” using blind SQL injection.

Strictly following security best practices is the first step to cybersecurity. Although SSH is the industry standard for both security and efficacy for remote server access, as with any software, SSH is only as secure as configurations applied to the server and client configurations. In this article, we’ll explore five SSH best practices you should observe to boost the security of your infrastructure.

Businesses are constantly analyzing tools that are available to help improve productivity and network security throughout their organization. Consulting with experts to help align on pieces of software and hardware that will come together to develop the most effective strategy is a process that should not be taken lightly. During this process, many businesses may conclude that keyloggers are an effective tool to help reach their organizational goals.

This won’t come as a surprise to anyone who’s spoken to me for more than five minutes, but I am a Doctor Who fan. In fact, “fan” is being kind. I’m hopelessly obsessed with the show to the point that more than one ‘Who’ actor has a restraining order out on me.

On December 16, Prime Minister Justin Trudeau released mandate letters tasking his ministers of national defense, foreign affairs, public safety, and industry to develop a new “National Cyber Security Strategy.” He specifically highlighted the need for the strategy to “articulate Canada’s long-term strategy to protect our national security and economy, deter cyber threat actors, and promote norms-based international behavior in cyberspace,” as quoted by Global News.

When deploying cloud-native applications to a hybrid and multi-cloud environment that is protected by traditional perimeter-based firewalls, such as Palo Alto Networks (PAN) Panorama, you need to work within the confines of your existing IT security architecture. For applications that communicate with external resources outside the Kubernetes cluster, a traditional firewall is typically going to be part of that communication.

Last month, on December 8, we hosted a webinar alongside Bluecore CISO Brent Lassi to discuss data security risks facing high-growth organizations like his on SaaS systems like Slack. With 2022 just beginning, we wanted to share 5 important lessons about Slack and SaaS security that are worth keeping in mind this year.

In October 2021, the IT systems of the Israeli healthcare system suffered a ransomware attack from which it took weeks to recover. Although the motive for the cyberattack on this occasion was not geopolitical but financial, government sources said they feared that far more dangerous incidents against this sector could be carried out by groups linked to foreign powers such as Iran.

This blog was written by an independent guest blogger. Technology in healthcare has the potential to make all the difference in terms of safety outcomes. Right now, modern tech is pushing the envelope of what is possible in the doctor’s office and the patient’s home, as telehealth and artificial intelligence transform the landscape of medical care. But technology isn’t always safe.

Development teams are frequently under the gun to deliver software quickly, which is difficult to do without modern tools to build, test, and deploy applications efficiently. That’s why Atlassian’s Bitbucket Cloud — a Git-based source code repository service in the cloud that streamlines software development for collaborative teams — was built for both speed and efficiency. The challenge nearly all organizations face is ensuring development speed and security at the same time.