It’s time to update the list of security incidents caused by misconfiguration of cloud storage resources since the last couple of weeks have unfortunately been quite prolific. The shared responsibility model continues to be overlooked, or simply misunderstood by too many organizations, and as a consequence tons of sensitive data is leaked from the cloud on a daily basis, putting thousands of individuals (and dozens of municipalities) at risk of fraud, identity theft, and phishing campaigns.

In the wake of the pandemic, airlines are fighting back against challenges from all directions this year. Many have banded together to protest government orders around banned routes, Covid testing and post-travel quarantine periods. International holiday-going in 2021 has become an unappealing prospect for many, due to the added expense and inconvenience imposed by Covid restrictions.

The Splunk Threat Research team has researched two of the current payloads involved in these heinous campaigns against healthcare and first responder organizations such as Conti & REvil. In the first blog, we explored the REvil ransomware group and in this blog, we will explore Conti.

Shifting left security means you, the developer, catching and fixing vulnerabilities and license violations early in the SDLC. That’s why Xray scans binaries pushed to Artifactory by your builds, and alerts you when there are issues with your dependencies. But catching them earlier, even before checking in code, can be important for developers shifting left.

“Never let a crisis go to waste.” It’s an expression that we’ve all heard a lot over the course of the last year. It is a reminder by Winston Churchill that in bad times that big problems often beget opportunities to do things differently — and better — next time around. No other industry as much as crypto has lived up to this quote.