Visa have reported a new security alert for an advanced, self-cleaning, JavaScript skimmer named Pipka. The security researchers at Visa’s Payment Fraud Disruptions (PFD) discovered the skimmer in September earlier this year. The skimmer was first seen on a North American ecommerce website which had previously been infected with a different skimmer, Inter. Visa have now identified another 16 additional sites with hosting the Pipka code.

Google Cloud Run is a serverless compute platform that automatically scales your stateless containers. In this post we are going to showcase how to secure the entire lifecycle of your Cloud Run services. Sysdig provides a secure DevOps workflow for Cloud Run Platforms that embeds security, maximizes availability and validates compliance across the serverless lifecycle. Sysdig Secure Devops Platform is open by design, with the scale, performance and usability enterprises demand.

The threat of your customers being attacked directly on the client-side is more real today than ever before. Magecart are knocking on everybody’s door – you, your 3rd parties, and even their 4th parties. This is happening continuously, with Magecart looking for opportunities to steal your valuable data for sale on the dark web. It’s a complex and ever-changing problem. So what stage are you at in the customer hacking lifecycle?

We are pleased to announce that CloudSploit has joined the Aqua Security family. Aqua is the leading platform provider for securing container-based, serverless, and cloud native applications. CloudSploit rounds out its offering by adding our open-core Cloud Security Posture Management (CSPM) SaaS.

Activity Audit is a new feature included in the Secure 3.0 release. This feature speeds incident response and enables audit by correlating container and Kubernetes activity.

Sysdig Secure 3.0 introduces Kubernetes Policy Advisor to provide Kubernetes native prevention using Pod Security Policies (PSPs). This feature automates the generation of PSPs and validates them pre-deployment, so they don’t break applications when applied. This allows users to adopt Pod Security Policies in production environments quickly and easily.

Today, we are excited to announce the launch of Sysdig Secure 3.0! Sysdig Secure is the industry’s first security tool to bring both prevention and incident response to Kubernetes.

Recent allegations of an ex-Tesla employee syncing the Autopilot source code to his personal iCloud account is yet another classic case of how poor data security is, even in some of the most technologically advanced organizations. The Tesla leak isn’t even the first time that a data breach of such immense magnitude pertaining to self-driving technologies has occurred; in July 2018, an Apple employee was caught using AirDrop to transfer 40GB of confidential data to a personal PC.

Nowadays, it’s not uncommon to see enterprise IT leaders in a situation that seems like a catch 22. Oftentimes, they are expected to be involved in making data-driven decisions for augmenting productivity and profitability. Paradoxically, they are preoccupied with what they consider as their core responsibilities – applying best practices to safeguard the IT infrastructure and expediting investigations when incidents occur.