The coronavirus pandemic forced the world’s workforce to retreat from their offices in a hurry. In that process, it proved something many of us already knew: employees can work productively without needing to be physically present or connected to the corporate network. Assisted by cloud-based productivity apps, tablets and smartphones have untethered us from the office space. At any time, I can pull out my phone and resume working via the cloud.

A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By contrast, direct bank transfers factored in just 18% of attacks, followed close behind by payroll diversions at 16%.

Many organizations, from enterprises to small businesses and schools, are focusing efforts on distance working and learning. One significant hurdle for those who are suddenly tasked with supporting remote users is the question of how to manage a fleet of new endpoints. One appealing solution for managing all these new remote users is to use Google Chromebooks.

All of us know what a Chief Information Security Officer (CISO) does from afar. A CISO upholds the organization’s overall security by overseeing the operations of the IS practice, the IT security department and related staff. In this capacity, those who become a CISO attain the highest paying job in information security, as it carries the associated responsibility of enabling business in a fast-evolving threat landscape. But is there more to this job than that description is letting on?

Learn about the new product features or watch the video highlight of our Summer release to help you manage vulnerabilities more effectively and automate security hygiene across the full technology stack with less effort.

Compromising a pod in a Kubernetes cluster can have disastrous consequences on resources in an AWS Elastic Kubernetes Service (EKS) account if access to the Instance Metadata service is not explicitly blocked. The Instance Metadata service is an AWS API listening on a link-local IP address. Only accessible from EC2 instances, it enables the retrieval of metadata that is used to configure or manage an instance.

Not long ago, we’d say “slack” to describe not working, as in “slacking on the job.” With the advent of the Slack app, though, the term has become synonymous with productivity. And Slack’s ability to work in tandem with hundreds of applications makes this popular team communication and collaboration tool even more useful.

Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks. Here’s our September 2020 roundup of recent compliance news from around the United States and around the world.

Digitization has made its way into every industry. With this shift comes many benefits as well as the risk of a cyber attack. This is especially true in aviation. No matter how securely companies can build networks to ward off cyber attacks, the risk is never absent. With planes operating thousands of feet off the ground — often full of commercial passengers — a digital attack can potentially cost lives as well as millions in damages.

Sysdig is pleased to support AWS today in their GA launch of Bottlerocket, a special-purpose operating system designed for hosting Linux containers. Orchestrated container environments run potentially hundreds of compute nodes. Operating general-purpose Linux on container hosts introduces complexity for IT teams who must patch and update packages across their clusters. Worse, features and packages that are not necessary for running containers, introduce unnecessary security exposure.