Ideally, healthcare would be the last industry to be targeted by hackers and cyberattackers—surely no one would want to cripple critical hospital infrastructure and play around with lives. However, the healthcare industry continues to be the most affected in terms of average data breach cost, peaking at $9.2 million in 2021.

What can’t you buy on the internet? Last-minute birthday gifts. Check. A new refrigerator. Check. An engagement ring. Check. Groceries. Check. Travel to foreign lands. Check. Internet-driven consumerism is a critical component of our economy. But it has its dark side filled with demons.

The rising adoption of digital processes in manufacturing has fundamentally changed how this sector does business. The increased reliance on digitization and network connectivity has sharpened the risks of company data exfiltration, intellectual property damages, and more, especially those stemming from insiders. Insider threat actors operate from a position of trust that allows them to circumvent security and evade detection for months, if not years.

OpenSSH ProxyJump and ProxyCommand directives tell the SSH client how to connect to a remote server via an intermediary server — often called a jump host, jump server, or bastion server. If you are new to jump servers, read our tutorial on how to set up a jump server and learn some of the best practices to secure them.

I have a history of creating my own custom “bug bounty automation” systems to automate the process of performing reconnaissance, vulnerability discovery at asset prioritization. These days it’s called “External Attack Surface Management” (EASM). In essence, EASM is hardly a new concept. The name has become fancier since Gartner listed EASM as an emerging product but the concepts are very similar.

Malicious Docker containers are a relatively new form of attack, taking advantage of an exposed Docker API or vulnerable host to do their evil plotting.​​ In this article, we will walk through the triage of a malicious image containing a previously undetected-in-VirusTotal (at the time of this writing) piece of malware! Leaving a Docker API endpoint exposed to the world can have a variety of negative consequences.

In application development, security plays an increasingly more prevalent role in protecting infrastructure and data, and ensuring a high level of user trust. Recently, Snykers Vandana Verma Sehgal and DeveloperSteve hosted a panel discussion with seasoned industry experts who shared their insights about exactly when security should be brought into app development.

A critical part of improving a business’ cyber resilience is ensuring staff, including the executives and the board of directors, are all champions of promoting and driving awareness when it comes to cybersecurity. Many company do have this understanding, and one way to measure the importance organizations are placing on cybersecurity is by expenditures.

On Feb. 23, 2022, destructive attacks were conducted against Ukrainian entities. Industry reporting has claimed the Go-based ransomware dubbed PartyTicket (or HermeticRansom) was identified at several organizations affected by the attack,1 among other families including a sophisticated wiper CrowdStrike Intelligence tracks as DriveSlayer (HermeticWiper).