Latest News

Secure Enclaves: What They Are and What to Look for in a Solution

Cyber threats are ubiquitous these days, and companies are scrambling to find better ways to protect themselves. But in the world of cybersecurity, not all data is equal, which begs the question: What data should I protect? For instance, it’s one thing to protect routine customer orders, but credit card numbers deserve extra protection. Likewise, access to sensitive financial information related to mergers, acquisitions, or IPOs needs to be limited to a small group of people.

Key Takeaways from the Just-Published Gartner Market Guide for Single-Vendor SASE

Secure access service edge (SASE), as an architecture, is only three years old, but rapid adoption by organizations is making SASE one of the fastest-growing technology market categories in history. Functionally, SASE will change—and is already changing—how teams make security and networking technology purchases.

Five tips for managing the cost of your security operations

With the global economy experiencing a slowdown, security teams are feeling the pressure to reduce costs without sacrificing security. But while it's important to be fiscally responsible, making cuts in the wrong areas can put your organization at risk. Malicious actors know that businesses are under even more pressure during times of economic turmoil.

90% of MSPs have suffered a cyberattack in the last 18 months

MSPs are being targeted by cybercriminals, as a single successful attack opens the door to multiple victims. This puts additional pressure on cybersecurity partners to step up the security services they offer their customers. The figures are worrying, as 9 out of 10 managed service providers state they have suffered a successful cyberattack since the start of the pandemic. This means MSPs are overtaking end users as the main target of malware, ransomware, phishing and other threats.

Pod Security Policy Deprecation: In Memoriam

As you probably know by now, PodSecurityPolicy has been deprecated from Kubernetes for over a year, since the release of Kubernetes 1.21. In short, PSP was an admission controller that let cluster managers control security by managing pod-specific policy. Like most other admission controllers, PSP could specify requirements one must meet to enter a pod, and deny any requests which don’t meet that requirement. In rare cases, PSP could also modify pod fields, changing requirements for access.

Securing Your Group Managed Service Accounts

Abusing a gMSA is relatively simple conceptually. First, get its password using a tool like Mimikatz or by querying it directly due to insecure configurations in Active Directory. Since gMSAs are service accounts, they’re usually relatively privileged, so you’ll usually be able to move laterally or escalate. Let’s walk through an example scenario.

Must-Know Facts About Evil-Colon Attacks

In a new article for HelpNet Security, Leon Juranic, security research team lead at Mend, states the case for taking proactive defensive steps against a new attack called Evil-Colon. Evil-Colon works similarly to the now defunct Poison-NULL-Byte attacks, and it has the potential to cause severe disruption to your code if not properly addressed. What does all this mean? In a nutshell, it’s possible to exploit applications that are performing path-based operations with user input in various ways.

Cyber Vendor Risk Management (Cyber VRM) Best Practices

Using best practices for cyber vendor risk management (Cyber VRM), organizations can identify, assess, and remediate their third-party vendor risks specifically related to cybersecurity. Organizations can utilize information attained from security ratings, data leak detection, and security questionnaires to evaluate their third-party security postures using dedicated Cyber VRM solutions.

How to Reduce False Positives in Data Leak Detection - UpGuard

According to a 2021 study by UpGuard, over 51% of analyzed Fortune 500 companies were unknowingly leaking sensitive metadata in public documents - data leaks that could be very useful in a reconnaissance campaign preceding a major data breach. Without timely detection solutions, all corporate (and personal) accounts impacted by data leaks are at a critical risk of compromise, which also places any associated private internal networks at a high risk of unauthorized access and sensitive data theft.

Cloud security fundamentals part 2: Prevention and secure design

In our previous blog breaking down The 5 Fundamentals of Cloud Security, we discussed the importance of knowing your environment. Teams need to have a comprehensive inventory of their cloud environments to have a clear understanding of the security risks that might exist within. With that in mind, let’s explore the importance of vulnerability prevention and secure design working together to keep threat actors from gaining meaningful access to your organization’s cloud control plane.