Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
How to Sign Kubernetes using Sigstore
In this livestream we are joined by Adolfo Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, as we talk about they were able to tackle signing all of the Kubernetes v1.24 image artifact using Sigstore. We then demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
Hackers Are Using These 3 Techniques to Bypass MFA
There’s no denying that multi-factor authentication (MFA) is an essential security measure that significantly improves an organization’s cyber posture. However, there is no silver bullet in cybersecurity. Though multi-factor authentication proves extremely helpful, determined and resourceful cybercriminals can still find techniques to bypass it. Let’s look at some frequently-used methods cyber-attackers leverage to bypass MFA.
4 Expert Tips for Data Center Security
In a market projected to grow to $288.30 billion by 2030, data centers will expand to facilitate more data-driven workloads, including AI and big data. Much of this expansion continues to occur in the cloud, as companies seek to reap the benefits of low-cost infrastructure that they can spin up as needed. In fact, research shows that cloud workloads represented 94% of all data center workloads worldwide in 2021.
What Is Cyber Insurance?
Cyber insurance is a specialized insurance policy that was created to protect businesses from the losses that can occur as a result of cyber attacks. The size of your business does not matter when it comes to needing cyber insurance, and it shouldn’t be your only priority when it comes to your business’s cybersecurity. Read on to learn more about cyber insurance coverage and its cost.
The What, Why and How of Auto-Remediation in Cybersecurity
When you’re facing a cyberattack, waiting even just minutes to respond could be the difference between business as usual and a calamity. It may only take that long for threat actors to exfiltrate sensitive data or disrupt critical systems. That’s one reason why automating remediation is an essential ingredient in an effective cybersecurity strategy.
The Top Cyber Attacks of November 2022
November has turned cold in much of the Northern Hemisphere, and there was plenty of cold comfort to go around in the world of cybersecurity. Our latest round-up looks at a massive company that can’t stop getting breached, another one scrambling to correct an unforced error, a worst-case scenario for the blending of church and state, and a depressing report on just how much money ransomware gangs are pulling in. Let’s get ready for a dip into the chilly waters of cybercrime.
Rethinking IAM: What Continuous Authentication Is and How It Works
Multiple reports show that people don’t take the necessity to pick secure passwords for their login credentials and personal devices seriously enough. According to Verizon’s 2022 Data Breach Investigations Report, 80% of incidents resulting from hacking attacks involved weak and compromised passwords. These findings make us wonder whether confirming a user’s identity just once at login is enough. Should this be a repeated procedure?
Choosing the Right Industrial Cybersecurity Framework
It’s no surprise that industrial environments have become increasingly valuable targets for malicious behavior. The State of Security has featured many cybersecurity events across myriad industrial verticals, including but not limited to chemical manufacturing, transportation, power generation and petrochemical. Several of these industries have taken great strides in improving their defense posture, but this was primarily driven as a result of governmental regulatory compliance requirements.
Sysdig Secure-Google Chronicle Integration - Why, What and How
Cloud adoption and digital transformation have enlarged attack surfaces that can be exploited by malicious actors to harm your organization. Traditional SIEMs and EDRs fall short as they are not cloud-native and also difficult to scale. Further, there are inherent fixed costs that need to be considered when adopting any modern threat detection apparatus.
5 best practices for React with TypeScript security
As a library focused on building user interfaces rather than a full-fledged framework, React enables developers to choose their preferred libraries for various aspects of an application, such as routing, history, and authentication. Comparatively, Microsoft created TypeScript as an extension of JavaScript to introduce optional static typing to an otherwise loosely typed language.