Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

NTFS is a filesystem developed by Microsoft that was introduced in 1993. Since then, it has become the primary filesystem for Windows. In recent years, the need for an NTFS implementation for macOS and Linux has risen, and as a result, new NTFS drivers for those operating systems have been developed. This blog post presents some information about the NTFS driver for Linux and shows a bug we found in one of the filesystem’s features.

When news of the recent CircleCI breach broke, developers everywhere scrambled to rotate tokens and remove hardcoded secrets stored in the popular CI/CD platform to minimize their exposure. Now that the dust has settled and more details are available, we’re reexamining the CircleCI attack chain to highlight the importance of a holistic Identity Security strategy in thwarting future damaging attacks.

Identity management is reaching a tipping point. In 2022, we commissioned a survey of over 1,000 top IT security professionals for our 2022 Identity and Security Survey.

Since late December 2022, the ThreatSpike team has noticed a significant rise in highly targeted phishing campaigns aimed at the hospitality sector, which distribute infostealer malware. The threat actors (TAs) are primarily targeting front desk and reception staff, as they are responsible for handling customer queries via a generic email that can easily be found on the company website.

In a world where you can scan the veins in your hand to unlock a smartphone, how do you maintain control over personal data? Biometric authentication, the use of distinctive human features like iris patterns, fingerprints and even gait in lieu of a password, is gaining ground in the tech world. Proponents tout its inherent, hard-to-replicate qualities as a security benefit, while detractors see the same features as an invasion of privacy. Both sides may be right.

Finance Minister Nirmala Sitharaman advocated for the simplification of Know Your Customer (KYC) processes for financial services in a Budget speech that placed a broad emphasis on technology and tech-driven solutions. She also argued for increasing the utility of the DigiLocker platform for both individuals and businesses and giving Fintech Platforms more flexibility to access India’s digital infrastructure.

‘Can I trust a password manager that stores my data in the cloud?'

So far in this series, we’ve looked at the importance of securing an organization’s network, application components, and the endpoints that support them. In this post, we’ll look at the following best practices for protecting the different types of data that flow through these components. But first, we’ll look at how modern applications process and manage data, as well as common weaknesses and security threats to these systems.