Register now with discount code SALUZwmdkJJ to get $150 off your full conference pass to AWS re:Inforce. For a limited time only and while supplies last. Today we want to tell you about some of the engaging data protection and privacy sessions planned for AWS re:Inforce. AWS …
I’d like to personally invite you to attend the Amazon Web Services (AWS) security conference, AWS re:Inforce 2022, in Boston, MA on July 26–27. This event offers interactive educational content to address your security, compliance, privacy, and identity management needs. Join security experts, customers, leaders, and …
More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access. [...]
A deep dive into securing containerized environments and understanding how they present unique security challenges. [...]
Exclusive Threatpost research examines organizations’ top cloud security concerns, attitudes towards zero-trust and DevSecOps. [...]
Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk. [...]
French version At Amazon Web Services (AWS), we are committed to providing continued assurance to our customers through assessments, certifications, and attestations that support the adoption of AWS services. We are pleased to announce the availability of the Canadian Centre for Cyber Security (CCCS) assessment summary report for AWS …
How to use zero-trust architecture effectively in today's modern cloud-dependent infrastructures. [...]
Exploring what's next for public-cloud security, including top risks and how to implement better risk management. [...]
In this time of unprecedented cyberwar, organizations must protect the personal digital lives of their executives in order to reduce the company’s risk of direct or collateral damage. [...]
Fortinet's Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams. [...]
For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits. [...]
Ghostwriter is one of 3 campaigns using war-themed attacks, with cyber-fire coming in from government-backed actors in China, Iran, North Korea & Russia. [...]
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers' DevOps platforms – to its hit list. [...]
A large-scale, automated typosquatting attack saw 200+ malicious packages flood the npm code repository, targeting popular Azure scopes. [...]
Bots & automated attacks have exploded, with attackers and developers alike in love with APIs, according to a new Cequence Security report. Hacker-in-residence Jason Kent explains the latest. [...]
The data-extortion gang got at Microsoft's Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack. [...]
Five percent of the databases are vulnerable to threat actors: It's a gold mine of exploit opportunity in thousands of mobile apps, researchers say. [...]
The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug. [...]
While IT automation is growing, big challenges remain. Chris Hass, director of information security and research at Automox, discusses how the future looks. [...]
A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel. [...]
Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL. [...]
A targeted phishing attack takes aim at a major U.S. payments company. [...]
With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in. [...]
The Conti gang breached the cookware giant's network, prepping thousands of employees’ personal data for consumption by cybercrooks. [...]