In under five years time, Kubernetes has become the default method for deploying and managing cloud applications, a remarkably fast adoption rate for any enterprise technology. Amongst other things, Kubernetes’s power lies in its ability to map compute resources to the needs of services in the current infrastructure paradigm. But how does this tool work when faced with the new infrastructure layer that is blockchain? Can the two technologies be used in conjunction?

In The State of Application Security, 2020, Forrester predicts application vulnerabilities will continue to be the most common external attack method. Because of this, organizations are urged to continue testing early in the software development life cycle (SDLC), implementing auto-remediation for security vulnerabilities, and shoring up production protections.

A brute force attack is a popular cracking method that involves guessing usernames and passwords to gain unauthorized access to a system or sensitive data. While a relatively simple, brute force methods continue to have a high success rate and account for over 80% of attacks on web applications.

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage. Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an attacker exfiltrating data from the enterprise.

Applications support some of the most strategic business processes and access an organization’s most sensitive data. However, application security continues to receive less budget and attention than network security. Thanks to the high-profile data breaches of the past few years, we can’t blame lack of awareness for the lack of investment. Security experts and business leaders alike are now painfully aware that hackers are targeting applications as an entry point.

Over the last few weeks, most organisations have had to transition to enable their employees to work remotely. The key focus has been on business continuity during this trying time. Unfortunately, business continuity isn’t so easy. Keeping the day-to-day operations of the business running has been one of the hardest IT challenges that most organisations have faced in the last decade. It’s one for which many organisations might not have had a plan in place.

NoSQL technology has become more popular in recent years thanks to the development of new open-source NoSQL databases that are relatively easy to install, use and integrate with web frameworks. An example of one of those popular frameworks on the internet is known as MEAN (MongoDb, Express.js, Angular.js, Node.js). These NoSQL frameworks have become very popular for things such as content management, catalogs and big data in general.

Not all cybersecurity threats and attacks occur on hardware and software components. Instead, humans are also vulnerable to social engineering attacks, a kind of cyber-attack. Social engineering psychologically manipulates people to trick them into performing actions or revealing sensitive information.

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Malicious network traffic from foreign IPs was observed trying to establish communication to a compromised internal system.

As cybercriminals continue to use the novel coronavirus pandemic to launch cybercrime scams and cyber attacks on teleworking applications, virtual private networks (VPN), and other technologies associated with remote work, many organizations find themselves in crisis mode, as well. Your enterprise may be scrambling daily to protect your sensitive data, reduce the likelihood of data breach, and guard against malware and ransomware attacks as well as other cyber threats.