Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

What Project Memoria Foretold about TCP/IP Security and Supply Chain Vulnerabilities

Project Memoria was the largest study of the security of TCP/IP stacks, conducted by Vedere Labs and partners in the cybersecurity industry. It started as a collaboration with JSOF to understand the impact of Ripple20 and led to the discovery of almost 100 vulnerabilities in 14 TCP/IP stacks. The research was divided into five phases: AMNESIA:33, NUMBER:JACK, NAME:WRECK, INFRA:HALT and NUCLEUS:13.

UIDAI says Aadhaar Verification required before accepting as proof of identity

The Unique Identification Authority of India (UIDAI), which issues Aadhaar cards, has advised states and organizations to verify a person’s Aadhaar number before accepting it as proof of identity in physical or online platforms. The UIDAI has proposed the move to prevent Aadhaar misuse and to verify the authenticity of the individual’s ID verification evidence in any form (Aadhaar Card, PAN card, Driver’s license, Voter ID).

Looking under the hood at ROI calculations for Security Automation

Threat actors continue to work faster and show greater sophistication in their tactics, techniques, and procedures (TTPs). Meanwhile, organizations struggle to keep pace because they are strapped by the persistent shortage of skilled cybersecurity professionals which, exacerbated by the pandemic, grew by 26.2% over the past year.

A Busy Weekend for npm Attacks, Including 'cors' Typosquatting

‘Tis the season for a busy weekend of software supply chain attacks. Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm. Mend Supply Chain Defender quickly identified the malicious code; the owners were notified, and the packages were removed. That does not fully remove the risk, however. The first package has 9.5 million downloads, while account CI keys were compromised in the second, which can cause significant damage.

A Security Work Stream Is Critical to IT Modernization

With new technology being developed at a rapid pace, adaptability is crucial for a company to thrive against its competitors. IT cloud modernization is a great way to drive sales growth, have the edge over your competitors, and boost your employees’ productivity while enabling greater satisfaction and collaboration with your partners, contractors, and customers.

OPA Management: Challenges and Opportunities

The Open Policy Agent (OPA) is a policy engine that brings the speed, reliability and flexibility of decoupled policy as code to a wide range of authorization use cases across the cloud-native ecosystem. OPA is a Cloud Native Computing Foundation (CNCF) graduated project and has become an industry-wide standard for authorization, with several leading enterprises implementing it in their business-critical cloud systems.

Comparing GuardDuty & Falco on EKS

Security in cloud providers like AWS is usually the highest priority. With EKS, unlike bring-your-own vanilla Kubernetes instances, you benefit from a data center and network architecture that is built to meet the requirements of the most security-sensitive organizations. One of the best ways to achieve this is to use every security layer available. In this case, we will explain how to use GuardDuty and Falco to speed up threat detection.