The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Security experts from Google have discovered a new spyware in 24 Play Store apps that, combined, have more than 472,000 downloads. Researchers have stated that this spyware also has the capabilities of normal malware and appears to have infected certain apps in Google Play with more than 100,000 installations. Cybercriminals are deploying this spyware through the advertisement framework in those compromised apps.
Will a technology not heard of four years ago completely change the Cloud Wars landscape? Are we going to see enterprises finally make a shift to multi-cloud? Is AWS Lambda ready for primetime?
In computing, an audit log is a record of an event. An event is any significant action that impacts the hardware or software of a computer – anything from a mouse click to a program error. Besides documenting which resources were accessed and what for, an audit file system will also include the source and destination addresses, the timestamp, and the user ID information.
The rate of cyberattacks is alarming. The number keeps increasing every year. According to the FBI’s 2019 Internet Crime Report, in 2018, cybercrime leads to a $2.7 billion loss. This means that you have to up your game when it comes to protecting your website content. You can prevent cyber attacks by controlling any form of data that comes from users.
In this four-part series, Combating threats with UEBA, we explore hypothetical cyberattacks inspired by real-life events in four different industries: healthcare, finance, manufacturing, and education. We’ll take a look at unforeseen security attack scenarios, and discover how user and entity behavior analytics (UEBA) can be leveraged to safeguard organizations.
Does your business accept credit card payments? If that’s the case, you should read this article to find out what the challenges to the Payment Card Industry Data Security Standard (PCI DSS) are, and the current best practices to ensure that you are in compliance with this legal requirement.
AquaSec’s Daniel Sagi recently authored a blog post about DNS spoofing in Kubernetes. TLDR is that if you use default networking in Kubernetes you might be vulnerable to ARP spoofing which can allow pods to spoof (impersonate) the IP addresses of other pods. Since so much traffic is dialed via domain names rather than IPs, spoofing DNS can allow you to redirect lots of traffic inside the cluster for nefarious purposes.
