vulnerability
Mitigating the First Major Kubernetes Vulnerability
This post was originally published here by siri oaklander. Recent news on the discovery of the first Kubernetes vulnerability, the popular cloud container orchestrations system, highlights two things critical to security, the need to: Audit and harden systems on the periphery and inside an infrastructure, and Continually review these systems for vulnerable packages and configurations during their […]
Kubernetes Cloud Security is vulnerable to hackers
Security researchers have recently found out that Kubernetes cloud platforms have a big security bug which offers hackers the privilege to access the software applications running on the nodes. Note- Kubernetes is a software intuitive tool which offers easy management access to large numbers of containers similar to virtual machines running on multiple operating systems […]
Cyber Attack news for the day
On October 31st, 2018 the third phase of the public hearing has started on the Cyber Attack related to SingHealth. And to surprise us all, some interesting facts came into light. This includes the reality that the senior manager and some senior staff members of the healthcare provider showed reluctance in disclosing the cyber incident […]
Data Breach stories for this day
1.) Three million Google Chrome UK users are vulnerable to hackers-A research conducted by a cybersecurity consultancy firm named ‘Surecloud’ has discovered that all 3 million Google Chrome users in the UK and 30 million Chrome users on a global note are vulnerable to hackers. Experts suggest that the security flaw could make hackers steal […]
WhatsApp users should be aware of this Cyber Security Vulnerability
All those who are using WhatsApp, you better be aware of this new cybersecurity threat related to WhatsApp. It’s said that a bug in the said messaging app allows hackers to infiltrate into their WhatsApp app and send messages and group chats to near and dear ones without your knowledge. And if this flaw can […]
LTE data transmission is vulnerable to hackers
Researchers have found few mobile security loopholes in the data transmission of LTE networks aka 4G networks. Experts say that the vulnerability identified recently is found to affect almost all mobile phones and tablets connected to 4G networks. And the weakness could also spread to the upcoming mobile telephony standard 5G. Mobile security researchers from […]
Shallow Defense In Depth
Are More Security Controls Really Making You More Secure? The average enterprise uses 75 security products just to secure their network. Organizations mistakenly believe that layered security controls help them achieve a defense-in-depth strategy that will keep their systems safe. They think that when an attack breaches one control, another one will certainly fend off […]
Windows 10’s Controlled Folder Access Won’t Protect Your Data
What is Controlled Folder Access? With the release of Windows 10 Fall Creators Update, Microsoft added a new feature called Controlled Folder Access (CFA) to Windows Defender Exploit Guard. This features allows users to control which processes can access certain folders to help protect data from malicious programs, such as ransomware or wipers. CFA is […]
Case study: CloudPassage enables security for the Centrify DevOps team with vulnerability assessment and reporting, along with compliance reporting
This post was originally published here by casey pechan. We love our customers, especially when they make for the perfect case study! This was particularly true for Centrify, an Identity-as-a Service (IDaaS), enterprise mobility management and privileged access management solution that serves over 5,000 organizations worldwide. Being a security organization themselves, Centrify needed continuous visibility into […]
Google issues a Mobile Security patch to Android Application Package Vulnerability!
Android attackers started to exploit a vulnerability of the said OS that enables hackers to bundle malware with Android Application Files and evade antivirus products. The vulnerability identified as CVE-2017-13156 and called as Janus was reported to Google in July this year by researchers from cybersecurity firm GuardSquare. After analyzing the flaw, the security researchers […]