%term

10 GitHub Security Best Practices

Feb 5, 2024 By Simon Maple In Snyk

The security landscape is constantly changing. As such, this blog has been updated to reflect the risks developers and security teams face today and how to overcome them. In our rapidly advancing, code-dominated digital landscape, safeguarding your codebase takes center stage. GitHub is the go-to platform for code sharing and version control in the developer community. However, given its widespread adoption, GitHub is not immune to many of the security challenges that developers face daily.

Read Post

Snyk

Read more about 10 GitHub Security Best Practices

Alerts - Working with triggered alerts

Feb 5, 2024 By Devo In Devo

Alerts are critical tools for maintaining system performance and data conditions. Monitor the health of your system with Devo, defining alerts and analyzing when they are triggered.

View Video

Devo

Read more about Alerts - Working with triggered alerts

Cloudflare breach - How the Okta attack led to Cloudflare systems getting hacked: Breach Breakdown

Feb 5, 2024 By GitGuardian In GitGuardian

In this video, we drill down into the recent breach of Cloudflare systems including how attackers were able to use stolen credentials from the Okta attack to move laterally and hack the Cloudflare internal Atlassian server. The security incident shows the dangers of secrets sprawl not only in internal systems but also in the supply chain leading to potential data leaks.

View Video

GitGuardian

Read more about Cloudflare breach - How the Okta attack led to Cloudflare systems getting hacked: Breach Breakdown

Cloudflare hacked - How the Okta breach enabled hackers to breach cloudflare

Feb 5, 2024 By GitGuardian In GitGuardian

Cloudflare is one of the largest networks in the world and had there internal systems breached due to stolen credentials from the October 2023 Okta breach.

View Video

GitGuardian

Read more about Cloudflare hacked - How the Okta breach enabled hackers to breach cloudflare

Cybersecurity in the Age of Regulation - Sysdig

Feb 5, 2024 By Sysdig In Sysdig

Cybersecurity breaches are becoming more frequent and more impactful. Adversaries continue to grow stronger, and defenders aren’t always keeping pace. On July 26th, 2023, the U.S. Securities and Exchange Commission issued new regulations on cybersecurity risk management, strategy, governance, and incident disclosure, leaving many companies concerned about how to ensure compliance with these new rules, and what changes they may need to make to get up to speed.

View Video

Sysdig

Read more about Cybersecurity in the Age of Regulation - Sysdig

February 5 2024 Cyber Threat Intelligence Briefing

Feb 5, 2024 By Kroll In Kroll

This weeks' briefing covers: Dive deeper.

View Video

Kroll

Security

Read more about February 5 2024 Cyber Threat Intelligence Briefing

Fake "I Can't Believe He's Gone" Posts Seek to Steal Facebook Credentials

Feb 5, 2024 By Stu Sjouwerman In KnowBe4

A new scam relies on a victim's sense of curiosity, brand impersonation, and the hopes of a new login to compromise Facebook credentials. We’ve all seen one of those posts on social media about some actor, musician or famous person that has passed away. Feeling a sense of sadness and wanting to know more details, these posts garner a lot of attention.

Read Post

KnowBe4

Read more about Fake "I Can't Believe He's Gone" Posts Seek to Steal Facebook Credentials

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

Feb 5, 2024 By Stu Sjouwerman In KnowBe4

A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri. “Greatness operates as a Phishing as a Service (PhaaS) platform, providing a number of features and components for bad actors to conduct their phishing attacks against Microsoft 365 accounts,” the researchers write. “URLScan results show thousands of affected pages related to this kit.

Read Post

KnowBe4

Read more about New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

Emergency Response: Navigating Through the Ivanti VPN Crisis Together

Feb 5, 2024 By Michael Koyfman In Netskope

Legacy VPNs have become a significant security liability for businesses and governments. VPNs require inbound access to corporate networks, significantly broadening the attack surface for malware. This makes them prime targets for threat actors, increasing the risk of disruption to your business.

Read Post

Netskope

Read more about Emergency Response: Navigating Through the Ivanti VPN Crisis Together

What is the Benefit of Including Security with Your Observability Strategy?

Feb 5, 2024 By Keren Feldsher In Coralogix

Observability strategies are needed to ensure stable and performant applications, especially when complex distributed environments back them. Large volumes of observability data are collected to support automatic insights into these areas of applications. Logs, metrics, and traces are the three pillars of observability that feed these insights. Security data is often isolated instead of combined with data collected by existing observability tools.

Read Post

Coralogix

Read more about What is the Benefit of Including Security with Your Observability Strategy?

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

10 GitHub Security Best Practices

Alerts - Working with triggered alerts

Cloudflare breach - How the Okta attack led to Cloudflare systems getting hacked: Breach Breakdown

Cloudflare hacked - How the Okta breach enabled hackers to breach cloudflare

Cybersecurity in the Age of Regulation - Sysdig

February 5 2024 Cyber Threat Intelligence Briefing

Fake "I Can't Believe He's Gone" Posts Seek to Steal Facebook Credentials

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

Emergency Response: Navigating Through the Ivanti VPN Crisis Together

What is the Benefit of Including Security with Your Observability Strategy?

Monthly Archive

Follow Us