Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As organizations became increasingly interconnected globally, every business started adapting to the digital model for all their transactions, fearing that otherwise they would be left behind in the race. Unfortunately, this has turned out to be a catch-22 as threats to cybersecurity are continually increasing. The rise in attacks was partly due to Log4j that helped to boost the cyberattack attempts to an all-time high in Q4 2021.

The Splunk Threat Research Team is monitoring open channel intelligence and government alerts indicating the possibility of malicious campaigns using destructive software in relation to ongoing geopolitical events. Based on historical data of named geopolitical actors, the use of destructive payloads has been observed in past campaigns.

Like a loner wolf, are you among those software developers who work independently instead of being part of a company or an organization? If yes, you may have one major issue of not being recognized as any significant brand name for the software you develop. You may even have a headache of getting trusted by browsers and operating systems and bypassing ugly warning messages like an unknown publisher.

The collection process of an EV Code Signing certificate is quite different compared to the OV (Organization Validated) Code Signing certificate. But it also offers additional security practices that aren’t provided by a standard code signing certificate. Nonetheless, here in this piece of article, we’ll discuss how to setup your EV Code Signing certificate so you can move further with digitally signing your applications and software.

Data governance is the principled approach to managing data during its life cycle — from the moment you generate or collect data to its disposal. Good data governance ensures that data is kept private, accurate, usable, and most of all: secure. Data governance is a broad term, and as a result, good data governance encompasses everything from user behavior to technology to policies and compliance regulations.

The cybersecurity talent shortage is real. As of December 2021, a job-tracking database from the U.S. Commerce Department showed nearly 600,000 unfilled cybersecurity positions. And a 2021 study found that 57% of cybersecurity professionals worked at organizations that have been directly impacted by the cybersecurity talent shortage. Even so, many organizations want to “shift security left” or build security best practices earlier into the software development lifecycle (SDLC).

In November 2021, AT&T Alien Labs™ first published research on our discovery of new malware written in the open-source programming language Golang. The team named this malware “BotenaGo.” In this article, Alien Labs is updating that research with new information.

The fifth annual Sysdig Cloud-Native Security and Usage Report digs into how Sysdig customers of all sizes and industries are using and securing cloud and container environments. We examined the data and found some interesting trends this year that may help you as you work to develop best practices for securing and monitoring your cloud-native environments. This year’s report has new data on cloud security, container vulnerabilities, and Kubernetes capacity planning.