Judging by the reactions I saw in the audience during my past talks on “Securing Containers By Breaking In”, as well as recent reactions on Twitter, not many know about Docker Hub’s fairly recent multi-factor authentication feature. In October 2019, in order to improve the Docker Hub authentication mechanism, Docker rolled out a beta release of two-factor authentication (also known as 2FA).

Today, AWS announced the general availability of Amazon ECS Exec, a powerful feature to allow developers to run commands inside their ECS containers. Amazon Elastic Container Service (ECS) is a fully managed container orchestration service by Amazon Web Services. ECS allows you to organize and operate container resources on the AWS cloud, and allows you to mix Amazon EC2 and AWS Fargate workloads for high scalability.

On March 2, Microsoft released patches for four zero-day vulnerabilities affecting Exchange Server 2013, 2016, and 2019 (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065). In the following weeks, attackers have been aggressively targeting vulnerable servers to install web shells that provide persistent remote access to infected servers. On March 9, attackers began installing a new ransomware variant known as DearCry or DoejoCrypt on infected servers.

Today Lookout announced that we’ve acquired CipherCloud, a leading cloud-native security company that operates in the emerging Secure Access Service Edge (SASE) market. The combination will create the industry’s first company capable of providing an integrated endpoint-to-cloud security solution.

The coronavirus pandemic has added new layers to the threat landscape facing corporate security leaders in 2020 and going into 2021, as well. As businesses and workforces sought to adapt rapidly to remote working at scale, malicious groups and other threat actors began exploiting opportunities to target stressed people and systems with malware.

Gartner predicts that large enterprise exclusive use of AIOps and digital experience monitoring tools to monitor applications and infrastructure will rise from 5% in 2018 to 30% in 2023. And this prediction is soon turning into a reality. AIOps is showing promising business value as it impacts measurable metrics such as mean time to detect (MTTD), mean time to acknowledge (MTTA), mean time to restore/resolve (MTTR), service Availability, percentage of automated versus manual resolution, and so on.

Cloud security. Cloud architecture. Cloud storage. As you start scaling your business, you know “the cloud” is an important element of your IT capabilities. But, it can be a little confusing to understand the ins and outs of “the cloud” — especially when it comes to using cloud-based tools for your company to work remotely. Before we get into private vs public clouds, let’s quickly establish what we mean by cloud computing.

On Friday, March 12th, ChaosSearch announced that its ChaosSearch Data Platform won Gold for two product categories in the 2021 Cybersecurity Excellence Awards: Best Security Analytics Solution and Best Security Log Analysis solution. Of course, we are thrilled to be recognized for our leadership and innovation in security analytics, but beyond that, these awards help to highlight ChaosSearch’s advantages in an area of growing importance to Security Operations (SecOps) teams.

Getting incentives for the best security practices is a win-win for all healthcare-related entities. For one, you are getting incentives, and secondly, you are making sure that you have a rock-solid defense in terms of security. Many organizations find that the rules and regulations that HIPAA entails are too extensive and overwhelming, however. What’s more, cybersecurity wasn’t a thing when HIPAA was introduced.

Five worthy reads is a regular column on five noteworthy items we discovered while researching trending and timeless topics. In this week’s edition, let’s explore how quantum computing works and how it impacts cybersecurity.