
Weekly Cyber Security News 29/04/2022

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. I’ve heard a few friends over the years mention things discussed at home suddenly appearing in ads when on the Internet. Yes, some of that might be due to doing web searches, but what if…

Thoughts on diversity and inclusion in cybersecurity

Our other blogs and articles are primarily security-focused – this is non-technical yet relevant, one of the issues that I felt and intended to explore personally. It’s pretty hard to admit when you are in privilege, and it’s even harder to change the status quo when you are comfortable. This is a write-up on how I see diversity and inclusion currently in the cybersecurity industry, mainly a beginner’s understanding of the subject.

Potential Abuse of Self-Signed Certificate IP Attribution Leads to Malicious Score Drop

In 2020, SecurityScorecard uncovered a case in which self-signed certificates caused misattributions for CDN IPs, and IPs shared by many websites. At the time, we mitigated this issue by labeling CDNs (e.g. Cloudflare, Akamai, Fastly, etc.), so that customers could easily determine if their scoring problems were related to shared IPs.

4 Reasons Companies Are Adopting a Vendor Consolidation Strategy

According to Gartner, by 2025, 80% of enterprises will have adopted a strategy to unify web, Cloud services and private application access from a single vendor’s security service edge (SSE). We know that cybersecurity is a top priority for IT funding. Business owners and CISOs need to invest in security technologies in a way that will drive resilience and promote productivity among their – probably largely digital – businesses.

Unify endpoint and network evidence

Unmanaged endpoints, vendor security appliances, cloud instances, and IoT devices often lack endpoint protection, creating hiding places that attackers exploit. Using Humio to correlate Falcon endpoint data with Corelight network evidence improves detection capabilities for all of your devices, and makes investigators and hunters faster.

What does XDR mean for your organization?

As one of the hottest new buzzwords in the infosec space, XDR means many things to many people. This talk will discuss all of the possible components of an XDR solution through the lens of SOC operations, laying out the pros and cons of various approaches such as SaaS vs on-premise, specialized vs general tooling, etc. for organizations of different sizes, funding, and maturity levels. Best practice suggestions will be provided throughout, from general principles to specific integration code.

On terminals and sessions

In this post I will be announcing a new open source project: Teleport Connect. It is a dedicated secure web browser for accessing cloud infrastructure. But first, let me explain why we've decided to build it, starting with a bit of historical context. As a kid I have always enjoyed imagining the process of programming as having a conversation with a machine. The REPL loop is the most obvious example of this interaction. As our code grows it no longer fits in a REPL environment.

Ransomware costs show prevention is better than the cure

If your company is worried about the financial hit of paying a ransom to cybercriminals after a ransomware attack, wait until they find out the true cost of a ransomware attack. Because the total costs of recovering from the ransomware attack are likely to be much, much higher. That’s the finding of a new study by researchers at Check Point, who discovered that the average total cost of a ransomware attack is more than seven times higher than the average ransom paid.