CrowdStrike has identified a new cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure. Called “Kiss-a-dog,” the campaign targets Docker and Kubernetes infrastructure using an obscure domain from the payload, container escape attempt and anonymized “dog” mining pools.
MITRE is a world-renowned research organization that aims to help build a safer world. It is probably best known in the information security industry for being the organization behind the industry-standard CVE (Common Vulnerabilities and Exposures) list. Each entry on the list is supposed to include an explanation of how the vulnerability could be exploited. These attack vectors are tracked and defined in another well-known knowledge base called ATT&CK, which is also maintained by MITRE.
The FedRAMP PMO recently announced new rules for how contractors will need to comply with the Federal Risk and Authorization Management Program (FedRAMP) Authorization Boundary rules in draft format. This is a big deal because FedRAMP compliance is mandatory for any company that wants to do business with the federal government.
We previously covered the basics of FedRAMP by simply asking “What is FedRAMP?” This time, we’re going to talk about how you can get approved as a FedRAMP Cloud Service Provider (CSP). We’ll talk about some of the advantages of being FedRAMP authorized. We’ll also discuss FedRAMP compliance versus certification to understand the difference. Additionally, we will define terms you will need to know during your FedRAMP journey.
Some of the most powerful moments in your career are when you are given the opportunity to create something new, to experiment, and give something back to the community that has been so supportive over the years.
The Domain Name System (DNS) translates domain names into IP addresses. Every device and website has an IP address that other devices, websites, and online services use to communicate with it. IP addresses are a string of numbers usually formatted as 000.000.000.000. However, we use domain names since people can’t easily remember these numbers.
In 2021, over two billion data records containing usernames and passwords were compromised, a 35% increase from 2020, according to ForgeRock’s Consumer Identity Breach Report. Weak passwords make it easy for cyberattackers to gain access to your network.
The Biden administration formally started the application for federal student loan forgiveness on Monday, October 17th, 2022. Recipients who qualify are eligible for the discharge of up to $10,000 of their loans for non-Pell Grant recipients and up to $20,000 for Federal Pell Grant recipients.
The disparities in some key areas in our 2022 Devo SOC Performance ReportTM provide clear evidence that the issues facing organizations since the start of the global pandemic in early 2020 continue to affect SOC performance, especially in the areas of hiring and retaining SOC talent.
