Check out this one line for a moment...“duped into attending a video call with what he thought were several other members of staff, but all of whom were in fact deepfake recreations.” In a worrying display of social engineering sophistication, a multinational company was defrauded of $25 million through an intricately planned deepfake scam.

Legacy VPNs have become a significant security liability for businesses and governments. VPNs require inbound access to corporate networks, significantly broadening the attack surface for malware. This makes them prime targets for threat actors, increasing the risk of disruption to your business.

In the cloud-native era, Infrastructure as Code (IaC; read more about it in this blog here) has become the de-facto standard for managing cloud infrastructure, and more. While Terraform has been around for almost a decade, and it had been the one-and-only cloud-agnostic option for a couple of years before competitors emerged, now the landscape is a whole lot more diverse: we've got AWS CDK, CDK for Terraform, and there is a relatively new kid on the block: Pulumi.

As containerized applications become the norm, the complexities of securing these dynamic, scalable environments demand a fresh perspective on traditional security practices. While Kubernetes streamlines deployment and management, it also introduces a new layer of attack surface, necessitating a nuanced approach to threat mitigation.

As Microsoft Azure continues to gain market share in the cloud infrastructure space, it has garnered attention from adversaries ranging from hacktivist and eCrime threat actors to nation-state adversaries. Recent attacks on Microsoft by cloud-focused threat actors like COZY BEAR are becoming more frequent and garnering huge attention.

Humans don’t like change. Whether it’s saying goodbye to your favorite pair of jeans, moving to a new house, or trying a new kind of coffee, we often resist change. But sometimes change is forced on us. For example: Over the past month or so, Broadcom rolled out tremendous changes to VMware licensing. This is why many of our customers and partners are wondering what the changes will mean to them.

The security landscape is constantly changing. As such, this blog has been updated to reflect the risks developers and security teams face today and how to overcome them. In our rapidly advancing, code-dominated digital landscape, safeguarding your codebase takes center stage. GitHub is the go-to platform for code sharing and version control in the developer community. However, given its widespread adoption, GitHub is not immune to many of the security challenges that developers face daily.

HopSkipDrive is an education solution that assists guardians with their unique transportation needs; from planning bus logistics to utilizing live ride-share options, HopSkipDrive is a family’s best resource for education transportation. In July 2023, HopSkipDrive received an email from an unknown actor, allegedly claiming that assailants exfiltrated information during a cyber attack.

Observability strategies are needed to ensure stable and performant applications, especially when complex distributed environments back them. Large volumes of observability data are collected to support automatic insights into these areas of applications. Logs, metrics, and traces are the three pillars of observability that feed these insights. Security data is often isolated instead of combined with data collected by existing observability tools.