Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

A Weaponized npm Package '@core-pas/cyb-core' Proclaimed Pentesting Related

Two packages of well-known origin were found exfiltrating Windows SAM and SYSTEM files, apparently as part of internal security research rather than a targeted dependency confusion attack. On June 6th, 2022, the Mend research team used Supply Chain Defender to detect and flag two malicious packages from the same author that contained identical code. We alerted npm and the packages were removed within three hours of publication.

How Rubrik Supports the NIST Cybersecurity Framework Profile for Ransomware Risk Management

Rubrik was built on a foundation of Zero Trust architecture. The National Institute of Standards and Technology (NIST) is a United States federal agency that works with organizations of all sizes to help them implement cybersecurity best practices.

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.

What Are Web Cookies? The Privacy and Security Risks of Internet Cookies

This article has nothing to do with chocolate chips or sprinkles. Sorry about that. Instead, we're talking about computer cookies and how too many web cookies can be bad for your online health. While cookies are enormously helpful and necessary for an easy-going web experience, they are not all good, and many pose some genuine privacy concerns. But what is a cookie, how does one work, and how do they (sometimes) infringe on your digital rights?

Tigera: Microsoft and Tigera: Hands-on AKS workshop: Configuration Security and Compliance

In this AKS-focused workshop, you will work with Microsoft and Calico experts to learn how to design and deploy best practices to secure your Kubernetes environment and achieve compliance with regulatory frameworks including but not limited to PCI, SOC2 and GDPR. This 90-minute hands-on lab comes with your own provisioned AKS and Calico Cloud environment and is designed to help implement.

Tigera: Prevent a potential DDoS Attack with Application-Layer Security Controls

Layer 7 refers to the top layer in the 7-layer OSI Model of the Internet. It is also known as the "application layer." It's the top layer of the data processing that occurs just below the surface or behind the scenes of the software applications that users interact with. The HTTP requests and responses used to load webpages, for example, are layer 7 events.

Rubrik: Introduction to Rubrik: Zero Trust Data Protection

Legacy backup solutions leave your data open for ransomware, are hard to manage, slow to recover, and can't scale to the cloud. Rubrik Zero Trust Data Protection safeguards your data against any threat imaginable. Learn how to protect your enterprise data from cyber-attacks with an air-gapped, immutable file system that can't be modified, deleted, or encrypted by hackers. During this demonstration you will learn.

Introducing NC Protect's New CUI Designator Labelling Capability for US Defense Requirements

Protecting Controlled Unclassified Information (CUI) is a top priority for companies that have government and defense contracts, especially with the changes being rolled out in CMMC 2.0. We’re pleased to announce a new NC Protect watermarking feature to support CUI Designator labelling capability to assist US Defense and the Defense Industrial Base (DIB) with meeting the new CUI document handling and tagging requirements. The feature will be globally available during the July 2022 timeframe.

Protect your Business with Enterprise Mobile Security in 2022

If you are not taking enterprise mobile security seriously, look at these stats: According to the State of Enterprise Mobile Security 2022 Report, 75% of the analyzed phishing sites targeted mobile devices. The same report stated that 30% of the total zero-day vulnerabilities discovered in 2021 targeted mobile devices. SecurityWeek states that mobile phishing attacks have increased at a consistent rate of 85% since 2011.