A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Quite a weird bunch this week. First is a sub domain of a well known brand being taken over to host a scam. Luckily didn’t get away with a huge amount, but even so something to watch for with other brands.

Maybe I’m a bit late to the game on this one, but I recently discovered PwnFox and it has quickly one of my favorite tools yet. So, what is PwnFox? To put it simply, it’s a BurpPro extension that works with Firefox. It accomplishes two things. First, it helps containerize up to eight (yes, that’s right… eight!) different sessions within one browser and secondly, it organizes all your proxied traffic in Burp BY COLOR! I’ll dive a bit more into #2 in a second.

Nowadays, there is a wide range of solutions on the market that claim to safeguard the security of corporate computers and networks. Benefits such as protection against sophisticated malware attacks, good performance when running processes, usability or quality technical support should be the norm, but this is not always the case.

This week BlackHat Asia 2022 took place in hybrid mode. It’s one of the most important events within the #infosec community, where security experts show how far they can go. In this edition, the trend of talks and tools focused on improving the security of Kubernetes, Cloud Security or Supply Chain, either from the perspective of the blue team or the red team.

The transaction details and monetization patterns of modern eCrime reveal critical insights for organizations defending against ransomware attacks. Cybercrime has evolved over the past several years from simple “spray and pray” attacks to a sophisticated criminal ecosystem centered around highly effective monetization techniques that enable adversaries to maximize success and profitability.

This blog is part two of a series about identity-aware access for Amazon RDS. In Part I, we covered how to use OSS Teleport to access Amazon RDS instances running in private subnets. In Part II, we will guide you through the steps to configure single sign-On (SSO) for Amazon RDS with Okta, SAML and Teleport.

To keep pace with the demands of a digital-first economy, organizations are accelerating cloud adoption and expanding work-from-anywhere initiatives. But as operations become more efficient, security teams struggle to keep pace. Existing solutions are not built to scale and can’t provide seamless access that safeguards data, which now reside in countless applications on premises and in the cloud.

The constantly changing world of cybersecurity can leave you longing for an understanding of today's modern threats. A solid foundation of cybersecurity terminology is a great first step toward understanding the world of cyber threats and how to help minimize and mitigate risk for your organization. But with more acronyms added every year, it can be a daunting task to keep up. Thankfully, we're here to help.

Missed last week’s archTIS Defense & DIB Cybersecurity Summit with leading industry and defense experts? Watch the recording for their insights on the zero trust, CMMC 2 and the new threats the industry is facing and how to best combat them.

Cyber ​​security threats and measures mandated by regulations require an advanced security solution for organizations. Many reasons, such as false positives, difficulty in budget control, vulnerable protocols, and misconfigurations, can be confusing when choosing the right security solution. In order to get rid of all these concerns, security information and event management (SIEM) solutions come to the fore as solid and centralized security platforms.