The phone numbers associated with over 400 million Facebook accounts were exposed online in the latest privacy dilemma for the social media giant. TechCrunch reported on Wednesday that an exposed server storing 419 million records was found online - 133 million belonging to U.S. users, 50 million Vietnamese users, and 18 million U.K. users. This server was not protected with a password, meaning anyone could access the database up until late yesterday evening once the host took down the site.

The backend developer team at Detectify has been working with Go for some years now, and it’s the language chosen by us to power our microservices. We think Go is a fantastic language and it has proven to perform very well for our operations. It comes with a great tool-set, such as the tool we’ll touch on later on called pprof. However, even though Go performs very well, we noticed one of our microservices had a behavior very similar to that of a memory leak.

AquaSec’s Daniel Sagi recently authored a blog post about DNS spoofing in Kubernetes. TLDR is that if you use default networking in Kubernetes you might be vulnerable to ARP spoofing which can allow pods to spoof (impersonate) the IP addresses of other pods. Since so much traffic is dialed via domain names rather than IPs, spoofing DNS can allow you to redirect lots of traffic inside the cluster for nefarious purposes.

Okta is a cloud-based identity management service that provides authentication and authorization tools for your organizations’ employees and users. You can use Okta to incorporate single sign-on, multi-factor authentication, and user management services right into your applications.

Containers have become a popular technology for enterprises that need to create agile, scalable and reliable applications. As they’re moving containerized workloads into production, many are adopting Kubernetes for container orchestration. While containerization enables DevOps to deploy software fast and efficiently, it also creates new security challenges, especially for those who’ve accelerated their implementation of this complex technology.

At Bearer, we’ve been crafting a remote-first company since day one. Not only are we remote-first, we are, in fact, a multi-regional, multi-cultural, multi-lingual, remote-first company, something even more unique! Since we’ve been running the company this way for more than a year now, we took this as a good opportunity to reflect on the culture and process we've built, hopefully answering some questions you may have about remote-first companies too.

If you are involved with cyber security, you must have heard log auditing. In this article we discuss the importance and benefits of log auditing and how it can help improving the security posture of your networks. The definition of audit log (also known as audit trail) is quite straightforward. When the system is applied a change, it leads to a parallel one in the behaviour of the system. This change in the behaviour must be recorded in an audit log.

A cyber threat (or cyber security threat) is the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties.

Students in the Monroe-Woodbury Central School District were expecting to head back to school today, but a ransomware attack forced officials to push back the first day of school. The district's superintendent, Elsie Rodriguez, was forced to send out an email to parents Tuesday night, claiming to have experienced a cyber security threat that impacted the district's operations.

The numbers are shocking. According to the 2019 The State of Work Report, employees spend just 40% of their workday on primary tasks. A Gallup poll showed that disengaged employees cost companies in the United States between $450 and $550 billion per year, and highly engaged teams are 21% more profitable than others. So how can an organization find out what employees are doing when they are on the clock so they can take steps to increase engagement and boost productivity?