Previously we introduced the concept of cloud leaks, and then examined how they happen. Now we’ll take a look at why they matter. To understand the consequences of cloud leaks for the organizations involved, we should first take a close look at exactly what it is that’s being leaked. Then we can examine some of the traditional ways information has been exploited, as well as some new and future threats such data exposures pose.
No, we aren't talking about your burger-inhaling operator passing out on the job, leaving your precious IT assets unattended. You've probably guessed that we're referring to the latest Wendy's data breach announcement: on June 9th, the international fast food chain disclosed that its January 2016 security compromise was, in fact, a lot worse than originally stated—potentially eclipsing the Home Depot and Target data breaches.
The insurance industry has been consistently targeted for cyber attacks as of late, for good reason: sensitive data is at the heart of every process—from handling health insurance claims to archiving medical histories. And because medical records are worth ten times more than credit card information on the black market, firms handling said data are required to take extra precautions in bolstering information security.
A company’s first few years can often give an indication of where it’s going, allowing us to make assumptions about its future. Bulletproof is still in its early phases, being just a couple of years old, but having been privy to the first official quarterly update, it’s clear that the business has a great deal of potential.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. Some horrendous lapses of security this week, all of which I’m going to ignore as they are too obvious. The ones I want to highlight (oh dear, a pun to come, sorry), are in my usual sphere of interest: hardware hacks and IoT.
Container security is not a unitary action but a multifaceted process. It involves securing the build environment using secure code control and other strategies. The procedure also necessitates securing containers’ contents via code analysis and unit tests.
It’s been a busy summer at AlienVault! Amid some major company announcements, we continue to evolve USM Anywhere and USM Central with new features and capabilities that help you to defend against the latest threats and to streamline your security operations. You can keep up with our regular product releases by reading the release notes in the AlienVault Product Forum. Here are a few of the highlights from our July and August 2018 releases.
It is a well-known fact that legacy equipment shall continue to play a crucial role in the continuity and stability of critical infrastructure, especially in industrial control systems. A recent Center for Digital Government survey found that 70% of respondent agencies depend on legacy infrastructure for their operations.
Back in the good old days, we used to have to order physical servers to run our applications. When servers became too expensive, we found efficiency in virtualization. Why have one box running one server when I could have 10 or more on a single box? Who would have thought I could simply push a button and have a server ready in minutes as opposed to weeks?
Recently, when discussing Chrome’s current push to get everyone onto HTTPS, we touched upon the TLS handshake, mentioning that the latest version of TLS was version 1.2. Since then, TLS version 1.3 has been made available for use, successfully dating our literature that was previously held with such high esteem. Of course, TLS v1.3 still has to be adopted and implemented by the Internet in general, so for the most part 1.2 will still be the most prominently used version for a while yet.
