The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Captchas are used on many websites to protect user accounts from bots and other automated programs, preventing them from accessing the website. According to Imperva's research, harmful bots generate 25.6% of all web traffic in 2020. They are used by spammers to send automated messages to users, and by hackers to attack websites with automated scripts that often wreak havoc on the site’s performance.
S3 buckets without encryption can leave sensitive data exposed and at risk. As a best practice and to meet a number of industry and governmental regulations, it’s important to ensure that S3 server side bucket encryption has been properly applied at all times. To do this, many security teams rely on their Cloud Posture Security Management (CSPM) platform and/or AWS GuardDuty to monitor their AWS resources and provide alerts when an S3 bucket is found unencrypted.
Online privacy is no laughing matter, until it is. Now, we’re very serious about fundamental human digital rights and we work day and night to make sure our users' data is wrapped up safe and sound. But that said, sometimes you need to take a step back and relax. Yes, how corporations and governments track us online is horrifying. Of course, the erosion of personal privacy and individual freedoms is worrying. And yeah, the world and the internet are in rough shape right now.
Gartner introduced a new security architecture called Security Service Edge, or SSE, back in March 2021. Now finally, after a long wait, they’ve just published their first Magic Quadrant for SSE in February 2022. This begs the question, is SASE dead? To answer, we need to look at what is SSE vs SASE, and what are the challenges SSE addresses. For easy reference, Gartner created the following SSE definition.
One of Grafana’s most powerful features is the ability to funnel data from hundreds of different data sources (i.e., services or databases) into a single dashboard without migrating the data from where it lives. You can connect and correlate data from Grafana’s curated observability stack for metrics, logs, and traces, or third-party services, such as Splunk, Elasticsearch, Github, Jira, and many more.
In December, information security researchers discovered a serious vulnerability in the popular open-source logging library, Log4j. If exploited, this vulnerability, known as Log4Shell, could allow malicious attackers to execute code remotely on any targeted computer. Millions of computers use Log4j. According to one study, 93% of all cloud environments are affected by the vulnerability.
If there is one thing that the pandemic has given us apart from a “new normal,” it's the massive spike in ransomware attacks across the globe. Despite law enforcement agencies telling victims to avoid paying ransoms, the average amount of rin 2021 exceeded a whopping $102 million per month.