Last year cyber threats were at the forefront of many business leaders. Not only did the Australian Cyber Security Centre (ACSC), receive over 76,000 cybercrime reports, an increase of 13 percent from the previous financial year, major cybersecurity incidents at Optus, Medibank, and others made cybersecurity a top of mind issue for many in Australia and New Zealand.

A ransomware outfit is advising its victims to secretly tell them how much insurance they have, so their extortion demands will be met. As security researchers at Varonis describe, a new strain of the HardBit ransomware has taken the unusual step of asking targeted companies to spill the beans of whether they have cyber insurance (and the terms of that insurance) anonymously.

Vulnerability management (VM) is a challenging task. Of the three pillars of people, process, and technology, it is the latter that we have the most control over and that can make the greatest impact. We recognize that technology alone is not sufficient and must be accompanied by strong processes and skilled personnel. However, the right technology can greatly facilitate and improve the effectiveness of our vulnerability management efforts.

The ability to sign and verify the integrity and origin of software artifacts, such as Docker images, is critical to supply chain security. Let's try Sigstore, a new standard that promises to make this process much easier.

Complex cyberattacks dominate the headlines, making breaches seem sophisticated. In reality, most hacks are unbelievably simple and involve attackers targeting well-known configuration security gaps. In fact, cyberattacks are rather common. According to IBM, 83% of companies have experienced more than one breach while in operation.

Were you tasked with building a product that requires the execution of dynamic JavaScript originating from end users? You might think building it on-top of Node.js VM module is a viable way to create a JavaScript sandbox. In this article, we’ll learn why that’s far from being a recommended approach and the security implications of doing so. Every now and then there’s a project that challenges the rudimentary and routine backend development. APIs? Message queues?

Ransomware is the type of malware that locks you out of your own computer until you pay a ransom. This digital extortion is one of the most serious security threats facing the Internet today. Ransomware not only impacts unsuspecting Internet users, but business organizations, government institutions and even critical services such as utility, healthcare and emergency facilities. Ransomware has been around for many years.

I’m always amazed at just how quickly the developer community gets things done. Case in point: Just weeks after we launched 1Password Shell Plugins, we’re now 33 plugins strong… 14 of which were built by you, the developer community. 🤯

On January 25, Forward Networks was honored to host Cloud Field Day 16. We especially enjoy working with the delegates because of their industry experience and objective viewpoints; in fact, we launched our product at a Networking Field Day in 2017. This blog is the first in a series covering our Cloud Field Day 16 presentations.

The Sumo Logic Threat Labs team previously outlined the risks associated with unprotected cloud credentials found on Windows endpoints. This article builds on that work by providing detection and hunting guidance in the context of endpoints that run the Linux operating system. Although workloads that support business functionality are increasingly moving to the cloud, these workloads are often managed through an endpoint that is often found on premises.