Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This month, Sysdig Secure brings the General Availability of our Host Scanning & CSPM Compliance features. Other changes include Host Vulnerability Reporting, IaC Scanning of Terraform in AWS, and more! Our SDK, CLI, and tools have had several updates and improvements as well.

Proper IT secrets management is essential to protecting your organization from cyberthreats, particularly in DevOps environments, where common CI/CD pipeline tools such as Jenkins, Ansible, Github Actions, and Azure DevOps use secrets to access databases, SSH servers, HTTPs services and other highly sensitive systems.

The International Association of Privacy Professionals (IAPP) has partnered with the National Cybersecurity Alliance to promote International Data Privacy Day 2023 on January 28, an event dedicated to teaching everyone from major enterprises to the average Internet user how to protect their sensitive personal information.

Read also: PayPal, Riot Games compromised, FBI links $100M Harmony hack to North Korea, and more.

The LCBO, a major Canadian retailer, recently experienced a cybersecurity breach that compromised the personal information of thousands of customers. The incident, which was discovered on January 10th, affected the client-side of the company’s website through which LCBO conducts online sales. It resulted in the unauthorized access of sensitive information such as names, addresses, email addresses, LCBO.com account passwords, Aeroplan numbers, and credit card information.

Cloud security, let alone SASE, doesn’t work without the underlying infrastructure that provides a consistent “baseload” to deliver the security capabilities integral to protecting users, sites, apps, and most importantly the data.

Companies depend on Tines to protect their business through mission-critical automation workflows. Since the earliest versions of Tines, we’ve enabled users to put humans in the loop through forms and prompts. Workflows pause until a person completes an action via an email or messenger prompt. But these features felt limited, with the need for additional human interactions to take place elsewhere creating time-consuming friction.

PostgreSQL is a powerful, open-source relational database management system (RDBMS). Because of its robustness and scalability, PostgreSQL is used extensively in the cloud. Most public cloud providers including AWS, Azure and GCP provide database services to their customers based on PostgreSQL.

Cybercrime isn’t unique to certain sectors or industries. But some areas are more at risk, like local governments and municipalities. It makes sense, governments not only hold a lot of personal and valuable information on their systems, but government entities are interconnected and critical to the operations of a given area — from police forces to court hearings to basic administration and document processing. It’s a high– value target for hackers.

On Tuesday, January 24th, 2023, VMware disclosed two critical vulnerabilities in VMware vRealize Log Insight that could result in remote code execution (RCE). Although different vulnerability types, both vulnerabilities could allow an unauthenticated threat actor to inject files into the operating system of the vulnerable product which could result in RCE. Both vulnerabilities were responsibly disclosed to VMware and have not been actively exploited in campaigns.