Security

The latest Security News & Information

upguard

What is the Dark Web?

The dark web is a collection of websites that exist on encrypted darknet, overlay networks that can't be found by search engines or visited with traditional web browsers. Almost all websites on the dark web require special software (like the Tor browser), configurations or authorization to access. One common misconception is the confusion between the dark web and the deep web. The dark web makes up a small part of the deep which, the part of the Internet that is not indexed by search engines.

logsign

What is CSIRT? What are CSIRT Roles and Responsibilities?

What is CSIRT? CSIRT (pronounced see-sirt) refers to the computer security incident response team. The main responsibility of the CSIRT is to expose and avert cyber attacks targeting an organization. As the number of cyber threats grow each and every day, the importance of having a security team that is solely focused on incident response (IR) is fundamental.

stackrox

Docker Security 101: challenges, risks, and 33 best practices

Containers, along with orchestrators such as Kubernetes, have ushered in a new era of application development methodology, enabling microservices architectures as well as continuous development and delivery. Docker is by far the most dominant container runtime engine, with a 91% penetration according to our latest State of the Container and Kubernetes Security Report.

tigera

Istio Routing Basics

When learning a new technology like Istio, it’s always a good idea to take a look at sample apps. Istio repo has a few sample apps but they fall short in various ways. BookInfo is covered in the docs and it is a good first step. However, it is too verbose with too many services for me and the docs seem to focus on managing the BookInfo app, rather than building it from ground up. There’s a smaller helloworld sample but it’s more about autoscaling than anything else.

nnt

Report Finds Over Half of UK Orgs Still Not GDPR Compliance

Despite GDPR having been enacted over 15 months ago, over half of UK organizations are still not compliant with the General Data Protection Regulation (GDPR). The report released by Egress, GDPR Compliance: where are we now?, polled 250 GDPR decision-makers and found that 52% were not fully compliant with the new regulation. Even worse, 35% of respondents claimed compliance with the EU-wide data protection regulation had actually dropped down on the priority list over the past year.

manageengine

The Joker's in town. Time to secure your Android devices

Security experts from Google have discovered a new spyware in 24 Play Store apps that, combined, have more than 472,000 downloads. Researchers have stated that this spyware also has the capabilities of normal malware and appears to have infected certain apps in Google Play with more than 100,000 installations. Cybercriminals are deploying this spyware through the advertisement framework in those compromised apps.

upguard

DNSSEC: What Is It and Why Is It Important?

The Domain Name System Security Extensions (DNSSEC or DNS Security Extensions) is a set of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks. DNSSEC provides DNS resolvers origin authentication of DNS data, authenticated denial of existence and data integrity but not availability or confidentiality.