Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The increasing use of cell phones has automatically led to unimaginable height of sharing of personal information online. Most routine actions, from providing information over the phone to opening a bank account to placing food orders, may now be accomplished from the convenience of your own home. While the telecom sector has enabled remote procedures, it has also hastened the spread of identity fraud and financial schemes.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Normally the articles I share come as some surprise. This week I don’t think any one of them meets that criteria…. So let’s start with the first non-surprise then… With silly shopping season ahead of us it comes are utterly no surprise that eCom stores are under attack.

Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program How important is the Security Operations Center (SOC) to a business and a security leader's overall success? The answer is a bit cloudier than one would believe, given the length of time the SOC has been part of our security program lexicon.

When it comes to security in AWS, there is the shared responsibility model for AWS services, which is divided into AWS responsibility ‘security of the cloud’ and customer responsibility ‘security in the cloud’. For more detail on this please check the shared-responsibility-model. Figure 1: AWS Shared Responsibility Model Source: shared-responsibility-model.

In Teleport 8, we introduced the TLS Routing feature that can multiplex all client connections on a single TLS/SSL port. Recently we've added support for TLS Routing for Database Access when Teleport is deployed behind an AWS Application Load Balancer (ALB). In this article, we will take a deep look at the problem with Teleport behind an ALB and how we solved it.

So you’ve set up a Security Orchestration, Automation and Response (SOAR) platform. You’re now ready to detect, respond to and remediate whichever threats cyberspace throws at you, right? Well, not necessarily. In order to deliver their maximum value, SOAR tools should be combined with playbooks, which can be used to drive SOAR systems and ensure that SOARs remediate threats as quickly as possible — in some cases, without even waiting on humans to respond.

Three-quarters of U.S. CEOs in PwC’s 24th Annual Global CEO Survey said they are “extremely concerned” about cyber threats. They want to understand roadblocks, cyber insurance coverages, and budget allocation, among other critical topics. CISOs prefer the language of technology, and boards prefer the language of finance.

Editor’s note: This is Part 2 of a five-part cloud security series that will cover protecting an organization’s network perimeter, endpoints, application code, sensitive data, and service and user accounts from threats.

In this post, we’ll quickly cover the highlights of what you need to know about California’s Data Breach Notification Statute.

Cryptomining attacks are becoming more notable in-line with the rise of blockchain and cryptocurrencies, so detecting cryptomining has become a high priority. Security researchers have found data breaches related to various cryptominer binaries running within victims’ infrastructures. The default openness of Kubernetes clusters and the availability of the extensive compute power required for mining makes Kubernetes clusters a perfect target for cryptomining attacks.