The dark web is a digital no man’s land where many peculiar activities take place. Check out these chilling, real-life deep web horror stories and tips that can help keep you safe.

In 2019, the Capital One breach led to the exposure of 100 million customers’ personal data due to a misconfigured WAF. The incident ultimately cost Capital One over $270 million in fines and compensation, demonstrating the serious risks inherent in cloud security and highlighting the urgent need for robust security measures. As cloud adoption accelerates, public cloud services spend is expected to jump 20.4% versus 2023, reaching $675.4 billion this year.

Building and scaling trust has become more difficult for organizations of all sizes. With more reliance on third-party vendors and AI technologies, security leaders face an increasingly complex threat landscape. However, many teams are left to manage this complicated landscape with screenshots, spreadsheets, and legacy solutions that rely on manual updates and limit them to point-in-time visibility into their security posture.

This is the second episode of the CSI Container series, published and presented at CloudNativeSecurityCon 2024. In this episode, we focus on Kubernetes CSI, how to conduct DFIR activities on K8s and containers, and how to perform static and dynamic analysis. As we covered in the first episode, DFIR refers to the union of Digital Forensics (DF) and Incident Response (IR). We also highlighted how conducting DFIR activities in a container environment differs from the usual DFIR in a host environment.

The Payment Card Industry Data Security Standard (PCI DSS) is a global standard designed to ensure the security of cardholder information. It is crucial for any organization that stores, processes, or transmits payment card data to comply with PCI DSS to protect the integrity and confidentiality of cardholder information.

Security reviews of third-party vendors are now an essential element of an effective governance, risk, and compliance (GRC) function. After all, there have been numerous examples in recent years of organizations with an otherwise strong security posture falling victim to threats that originated with supply chain partners. But whether you are on the sending or receiving end of a security review, completing the process can be time-consuming and inefficient.

Carrying out a pentest correctly is important for finding and fixing security holes in a company. Including useful external IP addresses is an important part of pentesting. Hackers can get into a company's network and possibly take advantage of vulnerabilities by using these addresses as entry points. Companies can make sure their pentests are thorough and useful by carefully choosing and ranking which external IP addresses to test.

In this episode of the Trust Issues Podcast, host David Puner sits down with CyberArk’s resident technical evangelist, white hat hacker and transhuman, Len Noe. They dive into Len’s singular journey from a black hat hacker to an ethical hacker, exploring his identity reinvention and the fascinating world of subdermal microchip implants and offensive security.

You may want to know the PowerShell version installed on your machine. While novice users may go to Programs in the Control Panel to check the PowerShell version, it’s often quite the disappointment when they don’t find PowerShell listed as a program there. Instead, you’ll need to resort to other methods to find the PowerShell version. This article provides a comprehensive guide to checking the PowerShell version you’re running.