State-sponsored threat actors continue to exploit legitimate cloud services. In their latest campaign, uncovered by Malwarebytes during January 2022, the North Korean group Lazarus (AKA HIDDEN COBRA) has been carrying out spear phishing attacks, delivering a malicious document masquerading as a job opportunity from Lockheed Martin (37% of malware is now delivered via Office documents).
Aside from executing physical attacks on servers, hardware or people, there are three main access points where criminals can break into systems: web, mobile and API. In this post, we’ll focus on mobile security, an area increasingly being exploited due to a sharp rise in mobile device use over the course of the pandemic.
We recently held a panel discussion with Peak’s Gary Myers, Free Agent’s Richard Grey, Trace’s Sorcha Lorimer, and our own Guillaume Montard to pose the question: “How do you bridge the gap between security and privacy teams?” If you weren’t able to join us, here’s a rundown of the key takeaways that came up during the chat. You can also find an archive of the discussion at the end of this post if you’d love to watch it in its entirety.
Cloud computing is a highly convenient and cost-effective way of storing data, but it also comes with risks. Businesses often use this technology without understanding how vulnerable they are to security breaches. With the rise in cybercrimes, businesses need to be more vigilant about their data security than ever before. This article will discuss some of the most common cyber security risks associated with cloud computing and provide information on how they can be managed.
Netskope is a leading provider of cloud security with its security service edge, single-pass architecture. Using clients to steer traffic to the Internet through the Netskope Security Cloud means that customers can securely enable data moving into and out of the distributed corporate environment. But this traffic has to originate from an endpoint—and endpoints can be compromised. How do organizations know whether SaaS traffic originating from an endpoint is potentially compromised or at risk?
Predicting the future is tricky business. However, when you’re privileged enough to frequently speak with the technology leadership at Fortune 500 companies, looking forward is less about gazing into a crystal ball and more of an extrapolation of trends that you're seeing. I’m honored that Fast Mode published my article detailing what I think is in store for cloud computing in 2022.
Since organizations around the globe began investing more aggressively in their digital transformation by migrating and modernizing applications within the cloud, the value of audit logging has shifted. It has expanded from industries like finance and healthcare to nearly any company with a digital strategy.
Snyk’s developer security platform provides developers and security professionals with the tools they need to build and operate modern applications securely. Snyk enables users to shift security left and to embrace a DevSecOps model. Modern application development teams understand that shifting left means bringing information to developers’ fingertips as early as possible in the development process to create efficient and secure applications and development processes.
