Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mobile security refers to the technologies and processes that are used to protect mobile devices from malicious attacks, data breaches, and other forms of cybercrime. It also includes measures taken to safeguard personal information stored on these devices, as well as protecting them from physical damage or theft. Mobile security is becoming increasingly important due to the rapid proliferation of smartphones and tablets being used for business purposes around the world.

There’s one thing IT and security professionals can never have enough of: visibility. Now, 1Password Business customers can gain even greater visibility into their security posture with the upgraded Events API.

API2:2019 Broken User Authentication happens when an attacker bypasses an API’s authentication and authorization mechanisms and gains access to sensitive data or functionality that should only be available to authorized users.

Learn about Kubernetes compliance challenges, consequences of non-compliance, and get guidance on maintaining a secure and compliant cloud environment in a dynamic Kubernetes setup. Kubernetes is a leading open-source platform for automating containerized applications’ deployment, scaling, and management. With the growing adoption of cloud, hybrid, and multicloud environments, the topic of Kubernetes compliance has become increasingly pertinent.

As the frequency and complexity of cybersecurity threats continue to grow, it is becoming increasingly important for organizations to adopt advanced tools and techniques to protect themselves. One way to do this is by utilizing the MITRE attack framework (ATT&CK), a comprehensive taxonomy of common tactics, techniques, and procedures (TTPs) cyber attackers use to compromise information systems and steal data.

CrowdStrike has discovered the first-ever Dero cryptojacking operation targeting Kubernetes infrastructure. Dero is a relatively new and privacy-focused cryptocurrency that uses directed acyclic graph (DAG) technology to claim complete anonymity of its transactions. The combination of anonymity and the higher rewards ratio makes it potentially lucrative to cryptojacking groups compared to Monero, which is commonly used cryptocurrency by attackers or groups running miner operations.

The first step in Anti-Money Laundering (AML) due diligence is to Know Your Customer (KYC). A financial institution (FI) promptly implements KYC processes to identify and confirm a new customer’s identification. These procedures enable FIs to evaluate the risk profile of a customer based on that person’s propensity for financial crime. KYC is a procedure that cryptocurrency exchanges are required to follow.

A Rootkit is a malicious program composed of malware that is created to provide prolonged root-level or privileged-level access to a computer. It remains hidden in the computer system while maintaining control of the system remotely. Rootkits have the ability to steal data, eavesdrop, change system configurations, create permanent backdoors, deactivate other security defensive programs, and conceal other types of malware.

The world of security advisories is disjointed, with disparate systems holding critical documentation in various formats. To make matters more challenging, despite living in a digital-first era, most of these documents are not legible for machines and must be parsed, reviewed, or referenced by humans.