In recent years more open source vulnerabilities have been discovered than ever before. This is all part of the natural evolution; it’s what we expect to see as the amount of open source usage grows within organizations. But there’s something that we missed in this equation: while identifying vulnerabilities, organizations haven’t found a way to block unwanted dependencies, which made them vulnerable to attacks like never before.
Sophos Labs recently released its annual global study, State of Ransomware 2022, which covers real-world ransomware experiences in 2021, their financial and operational impact on organizations, as well as the role of cyber insurance in cyber defense. The report, which surveyed 5,600 IT professionals in mid-sized organizations across 31 countries, shows that ransomware attacks are increasing and becoming more sophisticated.
The threat landscape means the entire scope of potential and recognized cybersecurity threats affecting user groups, organizations, specific industries, or a particular time. As new cyber threats emerge daily, the threat landscape changes accordingly.
Globally, telecom service providers are under massive pressure to add new revenue streams because of the commoditization of voice and data services and dropping margins. In this regard, several service providers have started offering financial services to leverage their distributor network and existing relationship with subscribers.
Security transformation is upon us, and the global pandemic further accelerated macro-trends such as work-from-anywhere that were already well underway. But with so many ideas now competing for airtime when it comes to describing that transformation and how to do it successfully, security professionals could be forgiven for thinking that the right moves and the good advice are getting buried under an avalanche of marketing, buzzwords, and acronyms.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24. This is a new one… Selling a decryptor ‘in world’. The most disturbing part is that the world in question is aimed at kids. Softer target to coax a ransom from out of embarrassment?
Ever wondered how large-scale power plants monitor or control the myriad of systems that fill their environment? Have you thought about how some of the world’s greatest industrial hacks were enacted? This post will look to illuminate how one tiny legacy protocol, namely "ModBus", could help to understand just how straightforward this could be.