While October is famous for National Cybersecurity Awareness Month, and we provide resources and recommendations for our customers, really every month should focus on this business-critical topic. Given the frequency of Ransomware attacks, all industries need to be increasingly vigilant. This includes many aspects of cybersecurity, such as user training, endpoint security, network security, vulnerability management, and detection and response to incidents.

The Tsunami malware is back! Although it appeared for the first time several years ago, the Sysdig Research Team has just discovered a new sample of Tsunami malware targeting Jenkins and Weblogic services deployed in Kubernetes clusters. The Tsunami malware is a backdoor that gives the attackers full control over the infected systems. Indeed the targeted machines, once infected, communicate with an IRC server waiting for new commands to be executed.

As we wrap up Cybersecurity Awareness Month 2021, this week’s theme, Cybersecurity First, is all about making security a priority. To do this, many security operations teams are leaning into threat intelligence to understand specifically where and how to focus their efforts to better protect their organizations.

A recap of my time at the CNCF’s signature conference, KubeCon + CloudNativeCon NA 2021. What an amazing week at the first in-person KubeCon + CloudNativeCon since the pandemic started. This KubeCon set a precedent as one of the first major conferences to bring back an in-person component! The theme this time around was Resilience Realized, and they put this on display at the top of the convention hall.

Managing security is not solely about products and technologies. As a security leader in your company, it is important to consider numerous other factors when you decide to set up a Security Operations Center. A few of the things include - an understanding of the business plan and requirement capability. It also includes the skill set of people who will be part of the Security Operations Center (SOC) for planning the individual and team responsibilities, budget, etc.

Cybersecurity is one of the essential tasks for any business. It’s not just a matter of protecting your company’s data and information from external threats, but also ensuring that it remains robust to internal ones. All three, i.e. people, processes and technology, are your greatest asset. If they are not embedded and managed throughout the organisation, you can expect that they will inadvertently put your sensitive data at risk.

Controlling access to sensitive data is tough. Be too restrictive, and your employees run into too many roadblocks to do their jobs effectively. Too loose, and you are effectively guaranteeing that your organization will find itself on the front page as a victim of one of the many data breaches happening every day. That is why it is important to craft an effective data security strategy: one that relies on automation and oversight to ensure the privacy of your users’ data.

Even though cloud computing isn’t all that new anymore, learning how to use it effectively can be overwhelming. It’s unfortunately very easy to make mistakes.

Windows 10 is probably the most used Operating System (OS) in organizations these days. The fact that every level of user in the organization, from IT experts to entities that has little knowledge in cybersecurity use it, it is prone to be targeted by attackers as a gate to the entire network. A lot of attention is invested in users’ behavior and phishing campaigns, while many risks hide in the OS itself.

The coronavirus pandemic has accelerated the massive increase in using cloud computing services. As the world progresses through its online evolution, cloud computing services have become more of a necessity. However, along with businesses, cybercriminals have also seen this virtualization as a means of snagging more prey. The rapid increase in cloud computing services has made organizations face novel security challenges.