On Nov. 24th 2021 a severe security vulnerability, called “Log4Shell”, has been reported in the JAVA framework “Log4J” 2.x which is widely used for event logging in JAVA applications worldwide. The vulnerability allows cyber-attackers to execute arbitrary code by injecting it into a logging process implemented in Log4J. The “Log4Shell” vulnerability allows complete server takeover by the attackers.

Right now, cybersecurity is more important than ever. Major changes to how we work and live — like the pivot to remote work or the growing use of IoT (internet of things) devices — have created new cybersecurity vulnerabilities and challenges. Businesses will need new strategies to respond to the changing cybersecurity threat landscape. These cybersecurity trends are likely to show where the field is moving in 2022 and how businesses should prepare.

Microsoft Teams has exploded in popularity in recent years, going from 2 million users in 2017 to roughly 250 million today. That growth is due in no small part to the disruptions caused by the global pandemic, with employees working from home and still needing to collaborate.

Endpoint data loss prevention (DLP) discovers, classifies, and protects sensitive data – like PII, credit card numbers, and secrets – that proliferates onto endpoint devices, like your computer or EC2 machines. This is a way to help keep data safe, so that you can detect and stop occurrences of data exfiltration. Our endpoint DLP application will be composed of two core services that will run locally.

Without a doubt, Kubernetes is the most prominent container orchestration tool. And you’ve probably noticed that many positions available to IT professionals require Kubernetes experience. One way to gain or prove your Kubernetes knowledge is by becoming a Certified Kubernetes Administrator (CKA). This certification is issued by the Cloud Native Computing Foundation (CNCF) in collaboration with the Linux Foundation. They offer three Kubernetes related certifications.

Sideloading is the installation of software from a third party rather than an approved source, for example applications that are not available from official vendors or app stores. This hack is creating yet another valuable opportunity for cybercriminals.

To paraphrase the familiar yuletide song, in the world of IT this is “the most speculative time of the year.” True, tying predictions to the regular calendar may be a bit out of sync for much of the business and government world—the federal fiscal year begins on Oct. 1, and here at Synopsys we say Happy First Quarter on Nov. 1. But we all still celebrate the new year on New Year’s Day.

Rubrik customers have an advantage when it comes to mitigating the log4j crisis. Utilizing our API-first architecture, Rubrik customers can make a single API call to find instances of log4j across their protected systems.