Confidentiality, Integrity, and Availability. These are the three core components of the CIA triad, an information security model meant to guide an organization’s security procedures and policies. While people outside the information security community might hear the phrase CIA Triad and think “conspiracy theory,” those in the cybersecurity field know that the CIA Triad has absolutely nothing to do with the Central Intelligence Agency.

Today, corporate and business networks have drastically evolved — our data spans multiple locations, cloud vendors, and a growing number of endpoints. Traditional security, once reliant on protecting organizations from the perimeter and trusting devices inside the network, has become less effective. Adding to the complexity, the work from home (WFH) model is being embraced by many organizations as they adapt to a rapidly shifting business climate.

Cyberint Research observed several unsolicited malicious email (malspam) campaigns in August 2021 through which Masslogger was delivered. First noticed around April 2020, Masslogger is a popular.NET credential stealer used to gather credentials from victims for various applications, and is readily available to purchase on cybercriminal forums for around $100 (US).

In this blog, you will learn how monitoring data from your Kubernetes environments can be used to detect indicators of a compromise in Kubernetes. Securing Kubernetes is challenging: Configuration flexibility, large clusters, ephemeral containers, and an ever-growing services ecosystem produce complex environments that open up your attack surface. Adversaries get an advantage because complexity is a natural enemy of security.

This year’s RSA Conference was certainly a surprising one. There was an understandable focus, of course, on remote working security, alongside a relatively high number of presentations dealing with the issues of the moment – Kubernetes, the IoT, and the Biden administration’s plans for cybersecurity. In the midst of these headline presentations, it was easy to miss some of the less dramatic research, and even easier to miss its implications.

2021 is only a month away, and given the turbulent landscape we had in 2020, we can’t help but wonder what the cybersecurity conditions will look like for companies and enterprises in the upcoming year. Year after year, the cybersecurity industry faces new challenges and obstacles, and 2021 will be no different. 2020 proved to be one of the most challenging years, cybersecurity-wise, especially for those companies whose employees suddenly had to switch to remote working.

Cloud technology is a powerful tool with unmeasurable potential. Across the globe, companies are harnessing the cloud to propel their business solutions. However, there are always some companies that cannot entirely shift their solutions to the cloud. Thanks to the hybrid cloud model, companies house some of their solutions on their on-premises servers and store the rest of them in the cloud. Most companies have adopted the hybrid cloud model, as it suits both conventional and new-age operations.

Today, I will be going over CIS Control 2 from version 8 of the top 18 CIS Controls – Inventory and Control of Software Assets. Version 7 of CIS Controls had 10 requirements, but in version 8, it’s simplified down to seven safeguards. I will go over those safeguards and offer my thoughts on what I’ve found.

Can you recall exactly how good or bad your vision was following your last eye exam? Most of us can’t. A casual poll around the office showed that many people focus only on whether our eye doctor says we need an updated prescription for glasses or contacts. Often, we walk away with a new script but without a clear understanding of our overall eye health, i.e., whether our eyesight got better or worse since the previous visit.