A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Who would be silly enough to try and connect to a weird looking Wi-fi hot spot? Well, try to resist because if you have an iPhone you will break it and TL;DR; you will need to do a factory reset to fix it…
The Financial Times hosted an excellent event recently, at which I joined Naina Bhattacharya, CISO for Danone; Manish Chandela, Group CISO for Unipart and Florence Mottay, Global CISO for Ahold Delhaize, to discuss cloud security. The FT’s Dan Thomas moderated and the panellists all shared some excellent and candid insights into cloud threats and security strategies within their organisations.
Another memo, another leaky cloud app compromising the personal information of hundreds of thousands of individuals (and yes, you can easily guess the app that exposed the data so no spoiler alert needed—it was an S3 bucket). The latest organization to join the long list of victims of cloud misconfigurations is Cosmolog Kozmetik, a popular Turkish online retailer that exposed more than 9,500 files, totaling nearly 20 GB of data.
Today we are happy to announce that Teleport has been included as a Cool Vendor in Gartner Cool Vendors in Identity-First Security report. “We believe Teleport’s inclusion in the Identity-First Security Report by Gartner is confirmation that Teleport solves a huge problem of accessing cloud-native resources that traditional PAM tools did not,” said Ev Kontsevoy, co-founder and CEO of Teleport.
Tablets and mobile devices have become an essential part of our daily lives, especially as 5G expands and remote work continues. This means these devices hold some of the most sensitive information that is tied to our digital identity. Today, I’m excited to share that we have expanded our consumer partnership with NTT DOCOMO to include identity monitoring and protection for DOCOMO’s subscribers across Android and iOS devices.
Software performance issues come in all shapes and sizes. Therefore, performance tuning includes many aspects and subareas, and has to adopt a broad range of methodologies and techniques. Despite all this, time is one of the most critical measurements of software performance. In this multi-part series, I’ll focus on a few of the time-related aspects of software performance — particularly for security software.
In the wake of recent events like the SolarWinds hack and the White House executive order on cybersecurity, DevSecOps and security are top-of-mind for most DevOps and security professionals. How to efficiently adapt or adopt a sound DevSecOps practice has become a priority, especially with the U.S. government’s impending mandate requiring software applications to be vetted, and to create a trusted Software Bill Of Materials (SBOM) for each one.
Credential abuse and compromised user accounts are serious concerns for any organization. Credential abuse is often used to access other critical assets within an organization, subsidiaries, or another partner corporation. Once an account is compromised, it can be used for data exfiltration, or to further promote the agenda of a threat actor.
Technology evolution is the only constant in our lives these days. Sometimes, an existing approach can go a long way in addressing problems, while other times, a new approach needs to be adopted to get the work done. Let’s talk about vulnerabilities; internal networks and software can be riddled with loopholes, which can expose them to breaches and data leaks, paving the way for hackers to have an easy ride.
If you’re a Java developer that wants to develop your applications more securely, you’ve come to the right place. Snyk can help you with that mission. This article will explain how to begin with Snyk for secure Java development so you can be more secure from the get-go. If you’re new to Snyk, it’s important to know that we offer a variety of developer-focused products and tools. Some of these tools, like our CLI and some IDE integration, support multiple products.
