Security

logsign

What are the NERC Reliability Standards?

NERC is a non-profit organization that sets industry standards, educates and trains industry personnel and provides guidelines for grids. You can find the details on NERC and NERC reliability standards in our article. What is NERC? NERC refers to the North American Electric Reliability Corporation. It is a non-profit organization whose main aim is to provide necessary regulations that reduce the risks regarding reliability and security.

ioncube24

Weekly Cyber Security News 24/01/2020

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24 As IoT encroaches further every day into our lives, often as a result of some marketing guy’s idea to flog their junk, the fear that it could all wreak havoc at some point catches me. This week a wonderful article hit my feed which highlights what could be reality for some now, and a great number in the years to come.

nnt

Weaknesses in Industrial Control Systems Continue to Pose Serious Risks

A study by PAS Global recently discovered over 10,000 industrial endpoints that are affected by over 380,000 known security vulnerabilities. Industrial Control Systems (ICS) are used across the oil and gas industry, power generation, refining and chemical production, pulp and paper manufacturing, and mining industries. While advantageous for various reasons, these systems also pose a serious threat to security.

rapidspike

Capture the Page Source of Website Errors

When it comes to website errors and issues, seeing is believing. Like most developers, I’ve been guilty of using the line “it works on my machine” when confronted with an annoying bug that only shows up under some obscure conditions. But just because one person doesn’t see it, doesn’t mean tens or hundreds of customers aren’t experiencing it.

alienvault

Healthcare security: How can blockchain help?

This is part 2 of a blog on healthcare security. For more info, check out part 1. An independent guest blogger wrote this blog. When it comes to data security, there is no more important place than the healthcare industry. When people go to the doctor, they provide all of their most sensitive information, from their health issues to their phone number, to a doctor they trust.

tripwire

Ransomware: The average ransom payment doubled in just three months

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better. In Q4 of 2019, according to the new study published by security firm Coveware, the average ransom payment more than doubled – reaching $84,116, up from $41,198 in Q3 of 2019.

sysdig

Understanding Kubernetes pod evicted and scheduling problems

Pod evicted and scheduling problems are side effects of Kubernetes limits and requests, usually caused by a lack of planning. Beginners tend to think limits are optional, and merely an obstacle for your stuff to run. Why should I set a limit if I can have no limits? I may need all CPU eventually. With this way of thinking Kubernetes wouldn’t have gone far. Fortunately, Kubernetes developers had this in mind, and the quota mechanism is designed to avoid misuse of resources.

onpage

How Threat Intelligence Can Improve Your Security

A new cyberattack occurs roughly every 39 seconds. Each of these attacks leaves behind a variety of evidence, including IP addresses, log events and malicious files. This evidence can be incredibly valuable to security teams but only if it’s analyzed and placed in context. There is simply too much attack data from too many sources to be useful when data is in a raw format. Threat intelligence is the solution for making raw data actionable.

stackrox

StackRox on security for Google Anthos

Today we shared the news that StackRox supports the Anthos platform (download joint solution brief), extending the reach of our hybrid and multicloud security approach. Anthos and the StackRox Kubernetes Security Platform share a lot of common principles in delivering consistency across different environments – enabling both the infrastructure itself as well as the security policies and controls to bridge these worlds makes for a powerful combination.