The Linux kernel is the heart of many modern production systems. It decides when any code is allowed to run and which programs/users can access which resources. It manages memory, mediates access to hardware, and does a bulk of work under the hood on behalf of programs running on top.

Today we are excited to announce Magic Cloud Networking, supercharged by Cloudflare’s recent acquisition of Nefeli Networks’ innovative technology. These new capabilities to visualize and automate cloud networks will give our customers secure, easy, and seamless connection to public cloud environments.

In 2024, transformation is reshaping industries, and the financial sector stands at a crucial juncture. The Softcat Business Tech Priorities Report, a comprehensive survey encompassing over 4,000 customers across various sectors, sheds light on this transformation. Significantly, cybersecurity has emerged as the paramount concern for financial institutions for the second consecutive year.

NIST (National Institute of Standards and Technology) recently released its revamped cybersecurity framework (CSF), aptly called NIST CSF 2.0. The CSF previously had five functions: Identify, Protect, Detect, Respond, and Recover. With 2.0, there is now a sixth: Govern. While Snyk plays an important role in application security and governance, in this blog, we're going to look at the function Snyk Learn plays in CSF 2.0: Protect.

When it comes to cyber resilience, Security Validation is emerging as the linchpin. Security teams face ever-more potential risks as their organization’s attack surfaces expand across diverse IT environments. Amid this challenge, the process of risk-based prioritization is more important than ever. However, prioritization alone falls short of the mark.

The latest example of an advanced persistent threat exploiting a legitimate cloud service to deliver a malicious payload was recently unearthed by researchers at Trend Micro.

Faced with year-on-year rising attack figures, law enforcement have struggled to adapt to the immense task of preventing ransomware and cyber extortion. By tracking and analysing attacker reported victim data, we seek to explore the significance of Lockbit’s recent takedown in the context of prior disruption efforts.

Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting Ukrainian state organizations attributed to the Kremlin-backed nation-state group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP,” detailed in this whitepaper.

Digitalization has revolutionized bureaucratic processes as a whole. Like other sectors, public bodies across the world have adopted web-based software and support to increase the efficiency of their operations.

Professionals in the cybersecurity industry have much to consider regarding the various approaches and types of tooling required to keep their organizations secure. There are significant known cybersecurity threats and a constant danger of new “zero-day” vulnerabilities. One comprehensive strategy growing in popularity for mitigating the associated risks generated by these threats and vulnerabilities is Attack Surface Management (ASM).