Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A number of software packages offer data storage in the cloud. Convenient? Yes, however, the data resides in its own silo which can make it difficult to manage – from security with a clear audit history, to accessibility to making sure the latest content is available to project stakeholders. A true common data environment (CDE), keeps and protects all that content in a single, secure repository in the cloud with integrations to applications.

In the final blog post of our three-part series on cloud security, we outline the key controls organisations should take to minimise cloud security risks.

Universal Health Services (UHS), a Fortune 500 company and healthcare services provider, has reportedly shut down systems at facilities throughout the United States after the Ryuk ransomware hit its network on September 27, according to an article on the Health IT Security website. What is Ryuk ransomware? Ryuk is a sophisticated ransomware threat that targets businesses, hospitals, and government institutions across the world.

Security researchers working with IBM Security recently uncovered a new malware code that is being used to attack online banking users in Brazil. Referred to as ‘Vizom’ by the team, the code utilizes remote overlay attacks to siphon sensitive financial data and make fraudulent transactions from victims bank accounts.

Today AWS unveiled the Amazon EKS Distro (EKS-D) and Sysdig is excited to deliver support for the new Kubernetes distribution with our Secure DevOps solutions. Wherever you choose to run EKS-D to run container applications, Sysdig can also be used to detect and respond to runtime threats, continuously and validate compliance, as well as monitor and troubleshoot.

This blog post marks an important milestone for us! Just four years ago, as we grew frustrated with the state of SSH server access, Teleport was born. Eventually it grew way bigger than just SSH access, as our users want to use the same access workflow for all layers of their stacks. And today we’re announcing another way to use Teleport: as a hosted offering. Let’s dig deeper!

A cyber security risk assessment is about understanding, managing, controlling and mitigating cyber risk across your organization. It is a crucial part of any organization's risk management strategy and data protection efforts. Risk assessments are nothing new and whether you like it or not, if you work in information security, you are in the risk management business.

Typosquatting is a form of cybersquatting where someone sits on similar domain names to those owned by another brand or copyright, targeting Internet users who incorrectly type in a website address into their web browser, rather than using a search engine. Typosquatting is also known as url hijacking, domain mimicry, a sting site, or a fake URL.

In October, the Federal Energy Regulatory Commission (FERC) released its “2020 Staff Report Lessons Learned from Commission-Led CIP Reliability Audits.” The report summarizes the Commission’s observations from Critical Infrastructure Protection (CIP) audits performed in conjunction with staff from Regional Entities and the North American Electric Reliability Corporation (NERC).

Computer security regulations have come a long way from their early beginnings. Even before the Federal Information Security Management Act (FISMA), there was the Computer Security Act of 1987 (CSA). The Computer Security Act was enacted by the 100th United States Congress in response to a lack of computer security protection measures, and a strong need for internal computer security governance for U.S. Federal agencies. Although the U.S.