Cloud

NAA Creating Dashboard Filters

Sep 20, 2022 By Netskope In Netskope

Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. The Netskope Intelligent Security Service Edge (SSE) platform is fast, easy to use, and secures people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

View Video

Netskope

Read more about NAA Creating Dashboard Filters

7 Best Encrypted Email Services to Protect Yourself With In 2022

Sep 20, 2022 By Joe Tobin In Internxt

Most successful hacks and data breaches are perpetrated through email. In a perfect world, everyone would find safer methods for communication, but since email isn't going anywhere anytime soon, encrypted email is our best option. Since Internxt doesn't have its own encrypted email yet, we've assembled a list of the best encrypted email services you should use in the meantime.

Read Post

Internxt

Read more about 7 Best Encrypted Email Services to Protect Yourself With In 2022

Best practices for securely configuring Amazon VPC

Sep 19, 2022 By Jordan Obey In Datadog

Amazon Virtual Private Cloud (Amazon VPC) is an AWS service that enables you to launch AWS resources within your own virtual network. Because you can deploy VPCs in separate regions and other VPC components themselves are deployable across different Availability Zones, VPC-hosted environments tend to be highly available and more secure.

Read Post

Datadog

Read more about Best practices for securely configuring Amazon VPC

Monitor flow logs to ensure VPC security with Datadog

Sep 19, 2022 By Jordan Obey In Datadog

In part 1 of this series, we looked at the common components of an Amazon VPC including CIDR blocks, subnets, firewalls, and route tables. We also looked at approaches for how to configure those components securely.

Read Post

Datadog

Read more about Monitor flow logs to ensure VPC security with Datadog

Container Image Scanning for Azure Pipelines with Sysdig

Sep 19, 2022 By Eduardo Mínguez In Sysdig

Scanning a container image for vulnerabilities or bad practices in your Azure Pipelines using Sysdig Secure is a straightforward process. This article demonstrates a step by step example on how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner in Azure Pipelines. Although possible, it is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

Read Post

Sysdig

Read more about Container Image Scanning for Azure Pipelines with Sysdig

Threat news: TeamTNT targeting misconfigured kubelet

Sep 19, 2022 By Alberto Pellitteri In Sysdig

TeamTNT is a prevalent threat actor who has been targeting cloud and virtual environments such as Kubernetes and Docker since at least late 2019. This threat actor is financially motivated, focusing their efforts on stealing credentials and cryptomining. In 2020, we analyzed their use of Weave Scope on an unsecured Docker API endpoint exposed to the internet. In December 2021, we attributed an attack to TeamTNT in which they targeted a vulnerable WordPress pod to steal AWS credentials.

Read Post

Sysdig

Read more about Threat news: TeamTNT targeting misconfigured kubelet

How to Build Your Cloud Migration Security Strategy

Sep 16, 2022 By Kroll In Kroll

Moving to the cloud is becoming a business necessity. Cloud technologies are flexible and scalable and less expensive to maintain than on-premises solutions, allowing companies to easily adapt as business needs change. The only real barrier to making the move is concerns about cloud migration security.

Read Post

Kroll

Read more about How to Build Your Cloud Migration Security Strategy

Why misconfigurations continue to plague public cloud network services and how to avoid them

Sep 15, 2022 By Oren Amiram, Director of Product In AlgoSec

Cloud security as a strategy is constantly evolving to meet the needs of organizations for scale, agility, and security. If your organization is weighing the merits of the use of public cloud versus private cloud, here are a few facts to keep in mind.

Read Post

AlgoSec

Read more about Why misconfigurations continue to plague public cloud network services and how to avoid them

Attackers Continue to Abuse Google Sites and Microsoft Azure to Host Cryptocurrency Phishing

Sep 15, 2022 By Gustavo Palazolo In Netskope

On August 9, 2022, we released a blog post about a phishing campaign where attackers were abusing Google Sites and Microsoft Azure Web Apps to steal cryptocurrency wallets and accounts from different targets, namely Coinbase, MetaMask, Kraken, and Gemini. The attackers were abusing SEO techniques to spread the pages and using advanced techniques to steal data, such as using live chats to interact with victims.

Read Post

Netskope

Read more about Attackers Continue to Abuse Google Sites and Microsoft Azure to Host Cryptocurrency Phishing

Improve security and compliance for your AWS infrastructure with Teleport

Sep 15, 2022 By Teleport In Teleport

Easily control who can provision and access your critical AWS resources while improving security and compliance. Watch this webinar as Allen Vailliencourt from Teleport discusses how to.

View Video