Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Kubernetes 1.27 Release: Enhancements and Security Updates

The Kubernetes 1.27 release brings multiple enhancements and security updates, providing users with an improved, more flexible, and secure platform for building and managing containerized applications. This post will provide an overview of the security-related updates and most significant enhancements in v1.27.

'Support' Tops the List of Combosquatted Domains Used in Phishing Attacks

A method used in domain impersonation attacks, combosquatting aids the threat actor by using a modified domain name to further increase the credibility of an attack. If you aren’t familiar with the term combosquatting, it’s where a threat actor takes a legitimate domain – let’s use companyco.tld – and combines another phrase with the domain name to create something like support-companyco.tld.

Affinity Phishing Attacks Use Social Engineering Tactics to Prey on Victims

Affinity phishing scams are ones in which criminals cultivate trust in their prospective victims by trading on common background, either real or feigned. Thus a fraudster might claim a common religion, a shared military background, membership in a profession, or a common ethnicity, all with the goal of convincing the victim that they can be trusted. What follows all too often one can readily imagine.

Detectify's journey to an AWS multi-account strategy

In the past year, we’ve shifted our infrastructure from a single Amazon Web Services (AWS) account owned by our Platform team to multiple domain-specific accounts. For each product domain and environment, we have created AWS accounts, which has allowed us to improve stability and security by reducing the blast radius. This setup also provides excellent scalability with good cost observability across the organization.

What Are the Security Implications of AI Coding?

AI coding is here, and it’s transforming the way we create software. The use of AI in coding is actively revolutionizing the industry and increasing developer productivity by 55%. However, just because we can use AI in coding doesn't mean we should adopt it blindly without considering the potential risks and unintended consequences.

Top 10 Cybersecurity Frameworks for the Financial Industry

A healthy financial sector is essential for economic stability and security. Cybersecurity frameworks can help financial organizations meet the requirements of financial regulations and ensure that the financial system operates safely and securely while protecting the rights and privacy of consumers.

How to Protect Your Company's Social Media Passwords From Cybercriminals

All businesses, regardless of size or industry, are potential targets for cybercriminals. As businesses become more aware of the importance of password security in preventing data breaches, they focus on the most obvious areas of weakness, such as employee email accounts and network passwords. However, social media passwords present unique security challenges that organizations may be ill-prepared to handle.

Secure the Lifeblood of the American Economy

Small and medium-sized businesses account for 4.17 percent of private sector employees and almost half of the United States’ gross domestic product, yet—due to limited finances, resources, and staff—many have difficulties when it comes to supply chain management. Geopolitics, inflation, and worker shortages are just a few variables that can impact supply chains; 86% of SMB supply chains have already been or expect to be impacted by Russia’s war in Ukraine.

What Is Continuous Control Monitoring (CCM)?

When creating a strong risk management program within your organization, your business processes need controls in place for maintaining security and mitigating risks. And to assure the continued effectiveness of these controls, the compliance team should also have continuous control monitoring in place. Continuous control monitoring, or CCM, is a subset of continuous data assurance. It can be programmed within your GRC dashboard or risk management software solution.