The rise of cloud native and containerization, along with the automation of the CI/CD pipeline, introduced fundamental changes to existing application development, deployment, and security paradigms. Because cloud native is so different from traditional architectures, both in how workloads are developed and how they need to be secured, there is a need to rethink our approach to security in these environments.

There is already a well-documented history of cyber attacks targeting organizations in Ukraine - including the attack attributed to members of the Russian military intelligence group GRU - NotPetya. This threat actor has previously conducted attacks known as NotPetya, BlackEnergy, and has targeted high-profile events such as the Olympics, as well as perpetrated destructive attacks against Georgia.

Digital transformation puts all industries at greater risk of cyber attacks, and the healthcare industry is no exception. As US healthcare organizations increase their reliance on health information technology for purposes such as data sharing, process automation, and system interoperability, their attack surface expands rapidly. This rapidly multiplying number of attack vectors increases cybersecurity risk considerably.

Cyber threat intelligence (CTI) considers the full context of a cyber threat to inform the design of highly-targeted defensive actions. CTI combines multiple factors, including the motivations of cybercriminals and Indicators of Compromise (IOC), to help security teams understand and prepare for the challenges of an anticipated cyber threat.

Simply put, a data leak is when sensitive data is unknowingly exposed to the public, and a data breach is an event caused by a cyberattack. An example of a data leak is a software misconfiguration facilitating unauthorized access to sensitive resources - such as the major Microsoft Power Apps data leak in 2021. An example of a data breach is a cybercriminal overcoming network security controls to gain access to sensitive resources.

On Sunday, Feb. 13, the NFL’s San Francisco 49er organization issued a statement confirming they experienced a network security incident. Shortly after the incident, BlackByte ransomware gang listed the 49ers as one of their alleged victims. The 49ers franchise didn’t confirm if ransomware was involved, but it did state that only the corporate IT network was affected. As with all breaches, one commonality eventually appears: vulnerabilities.

Rubrik Continuous Data Protection (CDP) helps our customers protect mission critical VMware workloads with near-zero Recovery Point Objective (RPO). Recovery operations are available in both local and remote locations. It also integrates seamlessly with Rubrik Orchestrated Application Recovery to provide near-zero RPO and low Recovery Time Objective (RTO) disaster recovery for our customers.

Launched in 2016, the National Cyber Security Centre (NCSC) provides advice and support to the public and private sectors on how to address cybersecurity threats. At the moment, NCSC provides information and practical guidance in various articles on its website rather than formal requirements or regulations. That said, NCSC security audits are currently underway, to assess existing solutions and their level of alignment with NCSC guidelines.

In this January 2022 release, The Splunk Threat Research (STRT) team focused on the recently released Sysmon for Linux technology addition to Splunk. This new add-on opens the door for new ways of monitoring, creating detections, and defending against Linux systems threats. Linux is the most commonly used operating system across the world with approximately 67% of the internet.

In cloud native computing (Kubernetes in our case), there is a requirement to automatically scale the compute resources used for performing a task. The autoscaling cloud computer strategy allows to dynamically adjust the active number of application servers and allocated resources instead of responding manually in real-time to traffic surges that necessitate more resources and instances.