Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! How much?! Wow…

How worried should small businesses be about cyber attacks? Pretty worried, according to Alan Watkins, a professor for the Cybersecurity Master’s Degree Program at National University, and an expert with a long career in cybersecurity, emergency management, and law enforcement.

The ability to manage and monitor your attack surface is no longer a luxury—it’s a necessity. The rapid expansion of networks, coupled with the shift to cloud computing and remote work, has created a vast and ever-changing attack surface that requires constant vigilance. This article delves into the most effective attack surface management tools and techniques, offering insights into how they can bolster your cyber security posture and safeguard your organisation against evolving threats.

There are several risks associated with storing your passwords in Google Sheets, including its lack of end-to-end encryption by default and lack of secure sharing capabilities. While Google Sheets uses a secure type of encryption, it does not use end-to-end encryption automatically, meaning anyone at Google can view your files. It is risky to store information as important as your passwords in Google Sheets because the software is not designed to be a password manager.

TOKEN2049 Singapore was a melting pot of global leaders and cutting-edge trends in the crypto space with over 20,000 visitors, 400 exhibitors, and 600 side events. Amid all of the expert discussions and industry thought leadership, I sat down to examine what I thought were the most important takeaways from the world’s biggest crypto event.

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that malicious hackers continue to be capable of compromising industrial control systems (ICS) and other operational technology (OT) using "unsophisticated methods" - suggesting that much more still needs to be done to secure them properly.

Software as a Service (SaaS) has quickly become popular and has changed the way businesses work by making them more scalable, flexible, and efficient. Cloud-based apps are convenient, but they also come with the duty of keeping them safe from cyber threats. As more businesses move private data to the cloud, security for SaaS has become very important. This is because the data is vulnerable to risks like cyberattacks, data breaches, and unauthorized access.

Software platforms are being used more and more by companies to run their operations, store private data, and talk to customers. Ransomware attacks are becoming more common because people depend on them so much. One of the scariest types of hacks is the CDK ransomware attack, which is aimed at companies that use software from CDK Global.

Envoy has carved out a critical role in cloud-native computing, becoming increasingly prevalent as the default ingress controller for Kubernetes. This high-performance proxy, developed by Lyft and now part of the Cloud Native Computing Foundation’s arsenal, is integral for companies scaling up their Kubernetes deployments. Envoy ensures efficient load balancing, security, and operational agility by managing external access to services within Kubernetes clusters,.

Securing database access has become a critical concern for organizations globally. Your organization’s data is its most valuable asset, encompassing everything about your business, partners, customers and employees. A data breach could jeopardize your entire operation.