An enumeration attack is when cybercriminals use brute-force methods to check if certain data exists on a web server database. For simple enumeration attacks, this data could include usernames and passwords. More sophisticated attacks could uncover hostnames, SNMP, and DNS details, and even confirm poor network setting configurations. Every web application module that communicates with a user database could potentially become an enumeration attack vector if left unsecured.

In a recent Tripwire survey, over 300 respondents from both private and public sectors said that implementing Zero Trust Architecture (ZTA) could materially improve cybersecurity outcomes. This result seems like a positive outcome since we don’t often get such a unanimously high confidence level in a specific security approach from survey data.

Organizations across various industries spend their time and resources to mitigate impending cybersecurity threats to protect their assets and sensitive data. As new technologies come into play, more comprehensive cybersecurity measures are needed to protect these organizations. We’re in a time when remote work has become the norm, thus making cybersecurity that much more of a priority for many organizations.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. The joys of electric cars, and because you have all the gizmos at your disposal does it mean you should use them at every opportunity?

ionCube Encoder 11 is now available at ioncube.com and supports PHP 7.4 syntax encoding as well as including a range of other improvements. It also happens to be Black Friday and so we are able to offer this brand new release at a great discount!

Security researchers are warning biomanufacturing facilities around the world that they are being targeted by a sophisticated new strain of malware, known as Tardigrade. The warning comes from the non-profit Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) which revealed that at least two large facilities working on manufacturing bio-drugs and vaccines have been hit by the same malware this year, in what appear to be targeted attacks.

As digital transformation continues post-COVID more organizations, including those covered by HIPAA, will seek out SaaS solutions that make collaboration easier. Fortunately more and more applications like Slack are enabling HIPAA compliant use. In early 2019 as Slack filed for its IPO, the company also updated its security page to provide details on its qualifications as a HIPAA compliant messaging app.

In 2014, Kubernetes surfaced from work at Google and quickly became the de facto standard for container management and orchestration. Despite its silicon valley origins, it became one of the most impactful open-source projects in the history of computing. Today, the Cloud Native Computing Foundation (CNCF) maintains Kubernetes with many private companies and independent open-source developers.

For our latest specialist interview in our series speaking to technology leaders from around the world, we’ve welcomed Bill Kunneke, Chief Technology Officer at Leasecake. Bill has over twenty years of experience as an IT professional and a proven technical leader who delivers large and often transformative IT projects while communicating complex technical solutions to key stakeholders and executing strategic IT functions.

Oculus (also now known as Meta) Quest is a virtual reality headset and game craze created by Facebook, and it is the ultimate tech must-have for the holidays in 2021. My 11-year-old son is obsessed with it and during the past few months it has been impossible to get due to a recall and the wait for the new Quest 2 to be released.