Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or laying flat in the file. Other times, they take the form of API keys, tokens, cookies or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, copy to CI/CD systems and code linters. Eventually someone leaks, intercepts or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.

The abuse of Google Drive to deliver malicious content continues, and two recent examples remind us how the flexibility of this cloud storage tool can be easily weaponized by malicious actors. And the spectrum of content that can be distributed, and victims that can be targeted is surprising.

With the new year just around the corner, the world of business is set to see great change. From 5G and the Internet of Things to the blockchain, new technology trends are creating a digital transformation for companies on a global level. In this article, we’ll take a look at the latest trends in technology to keep an eye out for in 2022 and beyond.

Earlier this month, a group of researchers at the University of Cambridge published an academic paper, with an accompanying website, on a new type of potential vulnerability that could appear in source code. They called it Trojan Source.

What is the XDR paradox? It’s the hottest term in security but there is no consensus yet on the right definition. Why is that? Many organizations have deployed EDR and are benefiting from it, but also looking to the gaps that EDR can’t address such as unmanaged / compromised devices or network-centric TTPs. Likewise, many vendors of EDR/SIEM products have realized they have the same general workflow (analyze data, present an alert, triage it, etc).

In 2020, we saw cybersecurity move from a technical problem to become a business enabler. In 2022, we will see 5G go from new technology to a business enabler bringing previously unimaginable use cases because of its high bandwidth and lower latency. Data from the current AT&T Cybersecurity Insights Report shows that 5G technology is being driven by the line of business and has been siloed between IT and OT organizations.

I am excited to share a major milestone for our company: the Lookout Cloud Access Security Broker (CASB) has been named a Major Player in the 2021 IDC MarketScape Worldwide Cloud Security Gateways (CSG) Vendor Assessment (Doc # US48334521, November 2021). When Lookout acquired CipherCloud back in March 2021, the two companies came together with a mission to build a platform that provides intelligent Zero Trust access by leveraging in-depth telemetry from endpoint to cloud.

As we embark on another holiday season in the United States, we are being told to start our holiday shopping even earlier this year to avoid some of the delays in shipping. These slowdowns stem from a number of factors, including container shortages, Covid-19 outbreaks that backlogged ports, and a dearth of truck drivers and warehouse workers. Even without the shortages and slowdowns, retailers are in for a long holiday season ahead of them as sales are predicted to grow by 7% this holiday season.

In this tutorial, we will walk through the end-to-end process of scanning your Amazon S3 buckets for sensitive data with Nightfall’s S3 Sensitive Data Scanner. By the end of this tutorial, you will have an exported spreadsheet report (CSV) of the sensitive data in your S3 buckets.