A selection of this week’s more interesting vulnerability disclosures and cyber security news. While we marvel at the sophisticated attacks, as with most crime, it’s the simple tricks while people have their guard down that get through. Here is a wonderful little article by the folks at SANS on one such example, yes, for most of us we might spot an obvious faked URL but for others or if we’re not paying enough attention one tap and its game over.

Binance, one of the world’s largest cryptocurrency exchanges, has revealed that it is being blackmailed to the tune of 300 Bitcoin (approximately US $3.5 million) by someone who is threatening to release some 10,000 sensitive photographs of its customers. And in an attempt to identify its blackmailer, Binance has put a 25 Bitcoin (approximately US $290,000) bounty on their head.

As the worldwide spending on SaaS spending will make up more than half of all public cloud services spending through 2019, it is critical to have end-to-end visibility into threats across your SaaS and on-premise applications. Sumo Logic and Netskope are collaborating on a technical integration that will help joint customers use Sumo Logic to correlate, validate and investigate Netskope alerts into their overall security incident investigation process and understand SaaS application usage patterns.

The recent Tripwire blog ‘7 Habits of highly effective Vulnerability Management’ by Tim Erlin was a great read with some sage advice on the always relevant security topic of VM. I noticed, however, that although the seven points themselves were all Tim’s own, the title snappily paraphrased Steven Covey’s classic management book. This made me think.

About a decade ago, organizations were hesitant to adopt cloud solutions, with many citing security concerns. Fast forward to 2019, and 81% of organizations have a multi-cloud strategy, spurred on by the desire for increased flexibility, usage-based spending and desire to respond to market opportunity with greater agility.

We are excited to announce the general availability of Tigera Secure 2.5. With this release, security teams can now create and enforce security controls for Kubernetes using their existing firewall manager.

Nowadays, a lot of attention is being paid on the SOAR vs. SIEM debate. To get the most benefit from your security data, it is vital to understand the difference between these essential cybersecurity tools. Although SOAR and SIEM have several components in common, we cannot use these tools interchangeably as they are different in nature.

Browsing privately ensures that no one spies on what you do online. Thanks to the tech growth that the world has experienced over the years, you either choose to browse the entire web anonymously or if you only need to hide from specific spies, you can opt to make all of your visits to a single website anonymous.

Good security starts with knowing your web assets. To enable transparency over your tech stack, we have released Asset Inventory, a new view that helps you prioritize security issues and collaborate across teams to stay on top of your web asset security. This release is the first step towards broader asset tracking functionality in Detectify.