Trustwave recently completed an almost three-year-long project that took the team to several of the most exotic Pacific paradises on the map. The trip was not a vacation as we spent long days helping install a wide variety of defensive platforms designed to protect national governments from cyberattacks, but one really couldn’t complain about the location.
One of the common concerns about migrating applications to Kubernetes is the control over the network traffic egressing your environment. Due to its highly dynamic architecture, Kubernetes will not tie a specific IP address to an application by default. Instead, it will lease a different IP address from an IP pool whenever the application restarts.
Established in 1875, HanseMerkur is one of the oldest private health insurance companies in Germany, with customers across Europe. The company ran multi-tenant clusters on premises with Kubespray, with around 150 internal software developers as users. As the company must handle personal information and confidential data, it adheres to ISO 27001, the German equivalent of SOC 2, as per industry standards.
Every news article about a threat group or attack floods the reader with classifications: nation-state groups, hacktivists, cyberterrorists, etc. But how can we define who is what? How can we differentiate between said categories? How should we deal with potential classification overlaps? Especially in the ever-evolving cyberwarfare realm, how can we approach these closely rooted phenomena?
ChatGPT has been taking the World by storm, but it’s bringing with it issues around cybersecurity, data protection, and data privacy. IT leaders and business leaders are looking to create policies that will help protect their people and corporate assets, but so few people really understand the technology well enough to grasp and weigh the benefits, the concerns, and implications for the cybersecurity industry, in general.
A survey by PasswordManager.com has found that one in three job seekers has fallen for, and responded to, fake job scams over the past two years. “Nearly 4 in 10 respondents, all of whom have searched for a job within the last two years, say they’ve encountered job postings that turned out to be a scam,” the researchers write.
The recent conviction of a U.K. man for cyber crimes committed in 2018 brings to light a cyber attack where this attacker manually performed the “in-the-middle” part of an attack. We’ve all heard of a “Man-in-the-Middle” (MitM) attack – also more recently called a “Manipulator-in-the-Middle” attack.
Details from a simple impersonation phishing attack show how well thought out these attacks really are in order to heighten their ability to fool victims and harvest credentials. Credential harvesting scams are pretty simple at face value: send an email that links to a spoofed login page/website, and let the credentials roll on in.
