Microsegmentation represents a transformative approach to enhancing network security within Kubernetes environments. This technique divides networks into smaller, isolated segments, allowing for granular control over traffic flow and significantly bolstering security posture. At its core, microsegmentation leverages Kubernetes network policies to isolate workloads, applications, namespaces, and entire clusters, tailoring security measures to specific organizational needs and compliance requirements.

Keeping Windows Server systems updated with the latest patches is one of the key things that administrators can do to ensure their Windows Server environments are stable and secure. Patching is one of the necessary evils that administrators need to manage to keep Windows, Linux, and other environments healthy. Hyper-V hosts are part of the infrastructure that also needs to be kept updated.

As cybersecurity becomes increasingly important in software development, the “shift left” security approach is widely recognized as a best practice for ensuring superior application security. Numerous traditional security firms are introducing shift-left products and capabilities, and the concept is gaining traction. However, some open source application security tools are more developer-friendly than others.

A recent survey from Gartner forecasts that worldwide end-user spending on public cloud services will total $679 billion in 2024, and that number is expected to jump to $1 trillion in 2027. Businesses left and right are moving to the cloud. But as they make their move, the old ways of protecting data—like building a virtual wall around your data (“perimeter security”)—are proving inadequate.

We’re excited to bring you two significant updates to Veracode Fix: our AI-powered security flaw remediation tool. Since we launched Fix nearly a year ago, two requests have dominated our customer feedback: We recently launched a new version of Veracode Scan for VS Code that included Fix (with more IDE’s to follow), which answered some of those requests, and now we’re updating Fix to cover more languages and a new mode that will automatically apply the top-ranked fix.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! I think the moral of this story is, if you receive an unexpected alert from service you’ve had a long time and wasn’t informed this was a new feature; treat with caution.

On April 12th, Palo Alto disclosed a vulnerability with a maximum severity rating for the PAN-OS Global Protect Gateway. There was clear evidence that the vulnerability was being actively exploited as early as March 26th. When exploited, this vulnerability enables an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Palo Alto expected patches to be released for tested mitigations to block known attacks on April 14th.

According to the U.S. Chamber of Commerce, the pressure is mounting on small and medium businesses (SMBs), as they must get their cyber preparedness correct or the next cyber attacks could prove disastrous.

Hackers love to trick employees into wiring them money using emails that look legitimate. Here's what you need to know about business email compromise scams.

In the increasing digitisation of essential services, governments worldwide have been enacting legislation to ensure the protection of vital systems. Australia is like no other, and as we in cybersecurity are all aware, the Security of Critical Infrastructure Act 2018 (SOCI Act) stands as a crucial piece of legislation aimed at safeguarding our nation.