Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As Microsoft Azure continues to gain market share in the cloud infrastructure space, it has garnered attention from adversaries ranging from hacktivist and eCrime threat actors to nation-state adversaries. Recent attacks on Microsoft by cloud-focused threat actors like COZY BEAR are becoming more frequent and garnering huge attention.

The security landscape is constantly changing. As such, this blog has been updated to reflect the risks developers and security teams face today and how to overcome them. In our rapidly advancing, code-dominated digital landscape, safeguarding your codebase takes center stage. GitHub is the go-to platform for code sharing and version control in the developer community. However, given its widespread adoption, GitHub is not immune to many of the security challenges that developers face daily.

A new scam relies on a victim's sense of curiosity, brand impersonation, and the hopes of a new login to compromise Facebook credentials. We’ve all seen one of those posts on social media about some actor, musician or famous person that has passed away. Feeling a sense of sadness and wanting to know more details, these posts garner a lot of attention.

A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri. “Greatness operates as a Phishing as a Service (PhaaS) platform, providing a number of features and components for bad actors to conduct their phishing attacks against Microsoft 365 accounts,” the researchers write. “URLScan results show thousands of affected pages related to this kit.

Legacy VPNs have become a significant security liability for businesses and governments. VPNs require inbound access to corporate networks, significantly broadening the attack surface for malware. This makes them prime targets for threat actors, increasing the risk of disruption to your business.

Observability strategies are needed to ensure stable and performant applications, especially when complex distributed environments back them. Large volumes of observability data are collected to support automatic insights into these areas of applications. Logs, metrics, and traces are the three pillars of observability that feed these insights. Security data is often isolated instead of combined with data collected by existing observability tools.

Bankers Life and Casualty Company (Bankers) is a nationwide retirement solutions provider. Their services assist members in maintaining and stretching their retirement income, paying for health and treatment programs, finding excellent retirement care, and assisting families with final expenses. There are over 3,800 Bankers agents throughout the US, with most states having one or more physical branches.

Amazon provides users a convenient way to shop online, making it one of the most popular online retailers. However, its popularity has made it a prime hub for online scams. Scammers often impersonate an Amazon representative or legitimate seller to trick users into giving up their personal information. Some common Amazon scams you need to avoid are fraudulent sellers, off-platform payments, phishing messages about your Amazon account and fake Amazon job offers.

In the ever-evolving landscape of cybersecurity, where the battle between defenders and hackers continues to escalate, it is crucial to scrutinize every aspect of web interactions. While the HTTP status code 200 OK is generally associated with successful API calls, there’s a dark side to its seemingly harmless appearance that often goes unnoticed.

As your organization grows the demands on the security team increase. Many of these new demands come from prospects and customers doing their due diligence about the security measures your business has in place. Your team is then left struggling to balance a growing number of security questionnaires and customer requests while managing your everyday responsibilities.