Containers have quietly become indispensable in the modern application deployment stack, revolutionizing how we build, ship, and run applications. However, with their widespread adoption comes a pressing concern. According to the 2024 State of Kubernetes Security Report, 45% of respondents experienced a runtime security incident in the last 12 months. This raises a few questions: What exactly is container runtime security?

Information and digital security frameworks like FedRAMP, CMMC, and ISO 27001 are not static documents. They provide a static framework for your business to comply with and achieve, but that framework is only valid for so long. Several different forces are in play to ensure that the stipulations and security measures outlined in these frameworks remain valid over time.

As mobile technology becomes integral to day-to-day life, fraudsters are refining phishing techniques to exploit vulnerabilities in mobile browsing. According to Zimperium’s 2024 zLabs Global Mobile Threat report, 82% of phishing sites specifically targeted mobile devices in 2023. To protect customer data, enterprises need to counter-adapt.

At CornCon 2024, experts debunk myths, explore SaaS vulnerabilities, and highlight how human connections shape the future of cybersecurity innovation.

Cybercriminals have found a new way of leveraging legitimate web services for malicious purposes, this time with the benefit of added automation of campaign actions. Security researchers at CheckPoint have discovered a new phishing campaign that uses Google App Scripts – a scripting platform developed by Google that lets you integrate with and automate tasks across Google products – as the destination in malicious links.

The Trinity ransomware gang is launching double-extortion attacks against organizations in the healthcare sector, according to an advisory from the US Department of Health and Human Services (HHS). The ransomware gains initial access via phishing emails or software vulnerabilities. “Trinity ransomware was first seen around May 2024,” the advisory says.

Virtualization offers several advantages for backup and recovery operations, which are the backbone of data protection, operational continuity, and availability. Most importantly, virtualization makes agentless and image-based, host-level backups possible. These types of backups can capture the full VM, including VM configuration as well as VM data. However, it’s important to protect hosts too, as healthy ESXi hosts are important for VMs to run properly.

According to Cybersecurity Ventures, more than half of the world’s data will be stored in the cloud by 2025. With this growth comes a new challenge: understanding where your cloud data lives, what it contains, and how to ensure it is properly protected. The mass storage capabilities of the cloud means it’s easy to drop data wherever you want. It’s also easy to forget to clean up that data or set up backups where that data is required.

Think of a port as a virtual gateway that a specific service, process, or application on your computer uses for network communication. Each port is assigned a unique number, allowing different types of traffic to be directed to the appropriate software. For example, your email might use one port, while your web browsing uses another. When combined with an IP address, a port number creates a complete socket address, enabling precise routing of data to and from your computer across the network.