Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AT&T Cybersecurity

Rooting out the cybersecurity risk in your CI/CD pipeline

When it comes to productivity, agility, and efficiency - continuous integration/continuous delivery (CI/CD) pipelines are great. When it comes to ensuring cybersecurity, they leave a lot to be desired. In fact, and especially given the popularity of CI/CD pipelines now, securing continuous environments might turn into the most important security challenge of the next decade.

New 5G consumption trends demand a new approach to security

We are in the midst of unprecedented transformation – both business transformation and technical transformation. From a technology perspective, 5G will change where and how we harness compute power and promote unforeseen product and service innovation. Once 5G attains critical mass with a robust ecosystem, it will touch nearly every organization, promising new revenue potential across a myriad of industries.

Card-Not-Present fraud (CNP): Five things retailers can do to protect themselves from CNP attacks

Cybercriminals have been well ahead of the curve when it comes to cybersecurity in the online retail industry. Specifically, criminals have been exploiting changes in purchasing behavior that favor online transactions and adapting their methods to take advantage of the authentication challenges arising when a card is not present (CNP) at the time of the transaction.

Protection for your e-commerce needs

One of the biggest barriers to successful e-commerce business is protecting user data. If online shoppers don’t feel their information is safe, they won’t make a purchase. Luckily, there are actions you can take to secure your own e-commerce experience, whether you’re running a digital business or shopping with one. These protections make e-commerce safer at a time when it’s desperately needed.

Serverless computing: Is it worth the risk?

A new trend for developers is emerging, as many companies shift towards using serverless computing. The name is a bit misleading, as serverless computing still relies on servers for storing data, but those who use serverless computing leave the maintenance of the server to their provider. They pay only for the storage needed to execute the code they develop.

TeamTNT delivers malware with new detection evasion tool

AT&T Alien Labs™ has identified a new tool from the TeamTNT adversary group, which has been previously observed targeting exposed Docker infrastructure for cryptocurrency mining purposes and credential theft. The group is using a new detection evasion tool, copied from open source repositories. The purpose of this blog is to share new technical intelligence and provide detection and analysis options for defenders.

JavaScript cybersecurity threats

JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor went over it, and applets that could give you your local weather forecast or tell you which web browser you’re using.

How reliable is real-time security?

Today’s world is a fast-paced one, and that reality means changing the approach to security. Traditional ways of securing networks or premises often involved responding to threats after they happened or preparing for the most likely attacks based on experience. Now, an option called real-time security — or real-time adaptive security — allows people to use a different method.

Education, certifications, and cybersecurity

The question of cybersecurity certifications comes up very frequently on discussion boards. What is the best certificate to get? Is a college degree better for getting a cybersecurity role? What education or skills are needed for various cybersecurity roles? And many, many more. In this post, I'll try to clarify some of these questions and more.