Meet "Sodinokibi" this month, the threat group behind the eponymous Sodinokibi ransomware, also known as “REvil”, to understand their tactics and how you can better secure your system from this threat

WatchGuard has been recognized by CRN in the 2022 Edge Computing 100 list in the Security category. This prestigious list highlights leading technology innovators that supply channel partners with next-generation edge technologies that allow businesses to capture, process, and use data in more intelligent ways. The categories recognized in this list include Edge Hardware, Software and Services; IoT and 5G Edge Services; and Security.

Kubernetes clusters consist of multiple resources and API objects interacting dynamically—which typically makes cluster management via the CLI overwhelming. Kubernetes Dashboard was built to simplify cluster operations by providing a unified, human-friendly interface. The web-based dashboard enables cluster operators to deploy applications, access running workloads, and correlate logs with cluster events. This article demonstrates how to install and use Kubernetes Dashboard.

Being in a more connected environment benefits all of us, from those using social media to stay in touch with far-away relatives, to businesses enjoying the rewards of remote working. But, while connectivity is great and offers many positives, it also creates vulnerabilities. Companies that handle sensitive data may find themselves the target and victim of cyber- attacks as malicious actors look to harvest that information for their gains.

If the eyes are the window to the soul, then the Application Programming Interface (API) is the window to the software. After all, an API is a way for products to communicate with each other through a documented interface, just as the eye is a human interface, communicating with the outside world (but it’s not as well-documented as to meanings).

Netskope Threat Labs recently discovered a phishing campaign that is abusing Adobe Acrobat to host a Microsoft Office phishing page. While abusing free cloud services to host malicious content is a popular attack technique, this is the first time we have seen Adobe Acrobat used to deliver malicious content. The attack starts with a phishing email that lures the user into opening a PDF file that redirects them to an Adobe Acrobat URL.

As organizations rapidly transform the way they build and deploy applications in pursuit of greater business agility and increased speed to market, they face significant challenges implementing effective authorization controls throughout microservices environments and the infrastructure they run on. For Identity and Access Management (IAM) teams, stitching together different data sources and transforming them for authorization purposes is complex and time-consuming.

As the attack surface widens and cybercriminals get more sophisticated, organizations are struggling to prepare for and respond to ransomware and other cyber incidents. According to the inaugural State of Data Security report from Rubrik Zero Labs, a staggering 92% of global IT and security leaders are concerned they are unable to maintain business continuity following an attack.

Snyk recently launched a multi-day live hack series with AWS, where experts demonstrated exploits in real-time and explained how to defend against those vulnerabilities. This series helped viewers discover new ways to improve security across the application stack for AWS workloads. As part of the series, Micah Silverman (Director of Developer Relations, Snyk) and Chris Walz (Senior Security Engineer, Atlassian) discussed Log4Shell.

Kubernetes uses secret objects, called Secrets, to store OAuth tokens, secure shell (SSH) keys, passwords, and other secret data. Kubernetes Secrets allow us to keep confidential data separate from our application code by creating it separately from pods. This segregation, along with well-formed role-based access control (RBAC) configuration, reduces the chances of the Secret being exposed — and potentially exploited — when interacting with pods, thereby increasing security.