Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A recently discovered advanced persistent threat (APT) provides a particularly meaningful example of how multiple cloud services can be combined inside the same attack chain to add layers of sophistication and evasion. CloudSorcerer is the name that researchers at Kaspersky have coined to describe an advanced threat actor targeting Russian government entities.

Amazon Web Services (AWS) Simple Storage Service (S3) has become a cornerstone in the world of cloud storage. It offers scalability, high availability, and performance, making it a go-to choice for businesses of all sizes. However, as with any cloud service, security is paramount. This is where the question of "how to secure an S3 bucket" comes into play. Securing your S3 buckets is not just about protecting your data from unauthorized access.

Working as a contractor for the federal government means complying with a wide range of rules. Some of these are large, obvious, and well-enforced, like the security frameworks we so often discuss here on the Ignyte blog. Others are small rules, scattered throughout disparate memos and resources, and it can sometimes be easy to forget them – or not even know them at all. And, of course, it doesn’t help matters that these rules can change from time to time.

India's National Cyber Security Policy 2013 is a comprehensive framework designed to fortify the nation's cyber infrastructure and safeguard its digital frontiers. The policy aims to address the complexities of cyber threats and enhance cyberspace's security and resilience through various key components and targeted strategies.

In an era when digital transformation is reshaping economies and societies, the threat of cybercrime has become a significant concern. India, with its growing digital ecosystem, is particularly vulnerable to a wide range of cyber threats. In response to these challenges, the state of Maharashtra launched an ambitious initiative - the Maharashtra Cyber Security Project.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers a supply-chain attack conducted using Trojanized jQuery, the sale of fake Olympic Games tickets, and a phishing campaign targeting banking users in India.

You can stay protected against tech-support scams by learning to spot them and following tips to avoid them, such as never answering unsolicited calls from unknown numbers, never giving someone remote access to your computer and not clicking on malicious advertisements. Continue reading to learn more about how you can protect yourself against tech-support scams and what to do if you’ve fallen for this type of scam.

Transitioning from legacy vulnerability management tools to modern solutions like Tanium offers improved endpoint visibility, cost savings, streamlined operations, real-time data, and automated remediation, enhancing overall cybersecurity posture.

Encryption is a fundamental procedure in cybersecurity that transforms data into a coded format, making it inaccessible to unauthorized users. It has evolved significantly from simple ciphers in ancient times to complex algorithms like AES (Advanced Encryption Standard) and RSA (Rivest-Shamir-Adleman), which are used today. Encryption ensures data confidentiality, integrity, and authenticity, which is crucial in protecting sensitive information across various domains.

Managing dependencies isn’t always easy, but it’s critical for protecting your code. In this guide, we’ll explore what dependencies are and how they can be checked for known vulnerabilities, compatibility, licensing requirements, and more. We’ll then learn that dependency checks should be part of a dependency management strategy to keep applications up to date and reduce security risks and technical debt.