You’ve secured your cloud identities. You’ve hardened your cloud security posture. You’ve configured strong cloud access controls. But there’s still one more thing you need in order to secure your cloud environment: a cloud workload protection platform, or CWPP. Cloud workload protection platforms secure the workloads that run on your cloud — which are distinct from the infrastructure, user identities and configurations that form the foundation of your cloud environment.

A selection of this week’s more interesting vulnerbility disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. We all hope banks have great security but what about those providing services to banks that also have access to all our data? Well, this is a scary story that makes you wonder about the rest of them.

We've recently been inundated with news of increased cyberattacks and a general increase in cyber threats online. Hackers - both bad and good, government related or private groups - have their hands full every day as never before and compounding the situation is the Russia-Ukraine (UA) war which has sparked a cyber storm. This made us just more curious about Internet attacks on the UA telecom infrastructure.

There are many significant technology-enabled changes taking place in industrial environments today. Smart factories and Industry 4.0. The Industrial Internet of Things (IIoT). The convergence of information technology (IT) and operational technology (OT). All of these things are introducing digital technologies at a fast pace to improve operations, increase productivity, enhance oversight, and increase profitability.

Tetra Defense, an Arctic Wolf® company, partnered with Chainalysis to analyze the link between the Karakurt cyber extortion group to both Conti and Diavol ransomware through Tetra’s digital forensics and Chainalysis’ blockchain analytics. As recent leaks have revealed, Conti and Trickbot are complicated operations with sophisticated structures. But, our findings indicate that web is even wider than originally thought, to include additional exfiltration-only operations.

Very few people can memorize all of their passwords – especially if they’re using unique ones for each account. Many solve this problem by embracing a password manager like 1Password, while others turn to pen and paper. The latter could be a tiny notebook, a whiteboard on their office wall, or an array of sticky notes attached to their PC monitor.

As Synk announces its support of unmanaged dependencies (mostly C/C++ libraries), we thought it would be beneficial to introduce our non-C community to some common, high-risk dangers that lurk in the C world (get it?). Think of this as a “beginners guide” to C and C++ vulnerabilities, how they look, what problems they may cause, and how to fix them.