
Thursday, July 15, 2021

A selection of the top articles and videos from the last week on Don't forget to check back regularly for daily updates from around the globe.

If you like SecurityBuzz, why not forward it to some friends or share the online version?

Until Next Time! 👏

Featured Post

Measuring security for cloud native applications

09-Jul-21   |   By Simon Maple, Field CTO   |   In Snyk, Application Security

Modern cloud-native applications - and the DevSecOps culture and practices used to manage them - introduce a fresh layer of challenges to the already thorny topic of security measurement. Historically, security has been typically measured on a regular but intermittent basis, at particular points in time. However, the pace of change at modern, cloud-native organisations, who've implemented DevSecOps and/or CI/CD, is relentless. Many deployments might be made in a single day, and the security posture of businesses might thus change dramatically over that time.

Featured Post

Remote possibility: how to help remote staff achieve better work-life balance

09-Jul-21   |   By Chester Avey   |   In SecuritySenses, DevOps

The Covid-19 pandemic has dramatically altered working experiences and what we consider to be normal. Almost every industry has been affected and businesses were forced to scramble to find ways of operating at such a difficult time. Things have begun to improve, and we may be through the worst of the pandemic, but it has had a lingering effect.

How to Set and Manage Active Directory Password Policy

15-Jul-21   |   By Jeff Melnick   |   In Netwrix, Active Directory

With cyberattacks exploding around the world, it’s more important than ever for organizations to have a robust password policy. Hackers often gain access to corporate networks through legitimate user or admin credentials, leading to security incidents and compliance failures. In this article, we will explore how to create and maintain a strong and effective Active Directory password policy.

Tips for hardening your container image security strategy

14-Jul-21   |   By Matt Jarvis   |   In Snyk, DevOps

In the first part of this blog series, we looked at security best practices for the base images which you might be using. But what happens to container image security when we add other things to it? Perhaps we’re installing additional software from upstream, and we’ve got custom applications of our own which might have their own dependencies also being installed. These things that we’ve added are under our control, and so we need to take responsibility for fixing vulnerabilities we have introduced.

Streamlining the SBOM: What You Need to Know for Software Bill of Materials Creation and Maintenance

14-Jul-21   |   By Rezilion   |   In Rezilion, DevOps

The Biden administration recently passed an Executive Order in the wake of another string of costly and embarrassing cyber attacks. Executive Order 14028 Improving the Nation’s Cybersecurity includes many new initiatives designed to share cybersecurity intelligence, modernize federal infrastructure, and improve the traceability and integrity of applications that store and process vital information. The last provision, laid out in Sec. 4 Enhancing Software Supply Chain Security, focuses on companies’ need to create a software bill of materials (SBOM) for their applications.

Key Takeaways for Developers From SOSS v11: Open Source Edition

14-Jul-21   |   By Meaghan McBee   |   In Veracode, Application Security

Our latest State of Software Security: Open Source Edition report just dropped, and developers will want to take note of the findings. After studying 13 million scans of over 86,000 repositories, the report sheds light on the state of security around open source libraries – and what you can do to improve it. The key takeaway? Open source libraries are a part of pretty much all software today, enabling developers to work faster and smarter, but they’re not static. Library popularity and usage changes and evolves with trends in software development, and if developers don’t keep up with these movements, the organizations they’re building innovative applications for are at greater risk of damaging data leaks and cyberattacks.

Meaningful security metrics

14-Jul-21   |   By Upasna Saluja   |   In AT&T Cybersecurity, Security

Security metrics are vital for you as a security leader to track the progress of your security program and have effective risk-focused conversations with business and operations stakeholders. Security metrics pave the way for security initiatives, facilitate resource allocation and help communicate results with relevant stakeholders throughout the organization.

What is Zero Trust Architecture? 9 Steps to Implementation

14-Jul-21   |   By Kasey Hewitt   |   In SecurityScorecard, Risk Management

As more companies migrate to the cloud, the way that companies protect data changes as well. In a traditional on-premises network architecture, companies were able to follow the “trust but verify” philosophy. However, protecting cloud data needs to take the “never trust always verify” approach. Understanding what a Zero Trust Architecture is and how to implement one can help enhance security.

What is LDAP Injection? Various types with examples and attack prevention

14-Jul-21   |   By Harman Singh   |   In Cyphere, Cyberattacks

LDAP is a way for organisations to store user credentials and use them later. It provides access control as well as mechanisms to read and modify data. If the LDAP server isn’t properly configured or secured with another layer of protection, then it could be vulnerable to an attack called LDAP injection. However, you can only protect your applications if you: 1) know what LDAP is and 2) understand what can go wrong with it. You don’t necessarily need to be an expert in LDAP, but basic knowledge helps a lot.

Kaseya Ransomware Attack: How It Affects MSSPs and SMEs, and What to Do to Prevent It

14-Jul-21   |   By Denitsa Stefanova   |   In LogSentinel, MSSP

A cybercrime organization with Russian origins called REvil claims to have infected 1 million systems across 17 countries. It is now demanding $70 million in bitcoins in exchange for a “universal decryptor” that will return users’ access. Hackers targeted the US IT company Kaseya, and then used that company’s software to infiltrate the victims’ systems, using a zero-day vulnerability. They also appeared to have deliberately planned the attack on the 4th of July weekend, knowing that it’s a national holiday in the US and most US office workers would be out of the office, so there would not be enough staff to respond to a security threat in a timely manner.

Why API testing is critical for today's business applications

14-Jul-21   |   By Yasmin Duggal   |   In Netacea, API

An application programming interface (API) enables communication and data exchange between two separate software systems. The application (or service) layer sits between the presentation and database layers and lays out the rules of how users can interact with services, data or functions of the application. API testing is a software testing practice that tests the functionality, reliability, performance and security of an API. It generally involves making requests to a single or sometimes multiple API endpoints and validating the response.

Best practices for a secure ecommerce website

13-Jul-21   |   By Robert Brandl   |   In AT&T Cybersecurity, Security

Ecommerce is a popular business model. Many people are getting into this business and looking for ways to secure early retirement from typical 9 to 5 jobs. With the right ideas and execution, there is a good chance that this will happen, but making it in eCommerce isn’t as easy as it was in the past. Yes, there are more options than ever in terms of delivery, logistics, storage, and creating an online store. However, there is a lot more competition, and everyone is looking for new ways to enhance their services and bring in more customers.

Advanced Kubernetes Pod to Node Scheduling

13-Jul-21   |   By Ben Hirschberg   |   In ARMO, Containers

In Kubernetes, the task of scheduling pods to specific nodes in the cluster is handled by the kube-scheduler. The default behavior of this component is to filter nodes based on the resource requests and limits of each container in the created pod. Feasible nodes are then scored to find the best candidate for the pod placement. In many scenarios, scheduling pods based on resource constraints is a desired behavior. However, in certain use cases Kubernetes administrators want to schedule pods to specific nodes according to other constraints. This is when advanced pod scheduling should be considered.

GLBA Compliance Checklist: Keeping Financial Data Safe And Secure

13-Jul-21   |   By Emily Heaslip   |   In Nightfall, Compliance

GLBA compliance isn’t something to take lightly. These measures are strictly enforced by the Federal Trade Commission (FTC). In 2018, for instance, Venmo and its parent company PayPal reached a settlement after complaints about the company’s handling of privacy disclosures. The peer-to-peer payment app had 150 days to adhere to GLBA compliance, or it faced fines of up to $41,484 per violation. Fortunately, GLBA regulations are relatively straightforward; meeting GLBA compliance can be achieved with common-sense security measures, employee training, and regular privacy disclosures. Here’s what financial institutions need to know about GLBA compliance.

Protecting Your Business Against Malware in the Cloud

13-Jul-21   |   By Tripwire Guest Authors   |   In Tripwire, Cloud

There are multitudes of advantages that the cloud has to offer to companies. These include making the task of security management more accessible. However, there are still many gray areas associated with the cloud and its implications for an organization’s overall security. With the widespread implementation of cloud-based computing within enterprises, the conversation surrounding security management has become somewhat convoluted, which has only added to the difficulty of making effective security decisions.

ThreatQ Data Exchange Unlocks the Value of Industry Threat Intelligence Sharing

13-Jul-21   |   By Dave Krasik   |   In ThreatQuotient, Security

There’s no doubt that an analyst’s ability to efficiently share curated threat intelligence has a significant impact on the success of their organization’s overall security operations. In fact, this capability is so important that removing barriers to sharing threat information is the first requirement outlined in the Executive Order issued by the White House on May 12, 2021.

Don't Let Attackers Crumble Your Cookies: Electronic Arts Breach Lessons

13-Jul-21   |   By Hank Schless   |   In Lookout, Data Breaches

Leading American video game company Electronic Arts (EA) recently disclosed a breach that resulted in the theft of hundreds of gigabytes of data. The exfiltrated information included source code and software that power popular games like FIFA and Battlefield. What’s notable about this attack is that the attackers gained access to EA’s infrastructure through stolen Slack cookies that contained cached employee login credentials.

Five things you didn't know about OPA

13-Jul-21   |   By Styra   |   In Styra, Containers

When introducing Open Policy Agent (OPA) to application developers and platform engineers, I normally end my presentation with a bulleted list detailing what I think are the best steps to take to start learning OPA and its declarative policy language, Rego. Simple things like “start small,” “the docs are great, read them!” and “try the Styra Academy.” That kind of basic understanding of what OPA is and how to write simple policies in Rego and deploy them might actually be enough to solve most of the problems around application authorization a development team might be facing. Other scenarios will require a deeper understanding. Or someone might just find themselves enjoying learning more.

Intelligent Orchestration and Code Dx: Security superheroes

13-Jul-21   |   By Meera Rao   |   In Synopsys, Application Security

Building security into DevOps has its challenges. Address them with a modern approach to AppSec using Intelligent Orchestration and Code Dx. As a kid, I was fascinated by superheroes like Spider-Man and Superman, and now as an adult I enjoy watching Wonder Woman. There is something about these movies—all the superheroes are unseen and come to the rescue at the right time, and once they have helped, they just disappear without even taking any credit. It made me wonder: why can’t application security be invisible to an organization and especially to developers? Why should developers care what tools we run, how and where we run them, or how they’re configured?

Inside the Netskope NewEdge Data Center Factory

13-Jul-21   |   By Patrick Bohannon   |   In Netskope, Cloud

Over the last year, we’ve published a number of blogs talking about NewEdge, the network or infrastructure upon which we deliver the Netskope Security Cloud services, and comparing it to other approaches cloud security vendors have taken. We’ve talked at length about Netskope’s fundamental approach to overcoming the inherent performance limitations of the public Internet, as well as why backhauling (or “hairpinning”) inside the cloud is a bad strategy, why coverage isn’t just about counting data centers, and how important peering and an aggressive interconnection strategy is for the best performance and user experience.

Reduce open source software risks in your supply chain

12-Jul-21   |   By Hugues Martin   |   In Synopsys, Open Source

Knowing what’s in your open source software, whether you’re a consumer or producer, can help you manage security risks in your supply chain. Modern open source software (OSS) is a movement that started in the eighties as a reaction to commercial software becoming more closed and protected. It allowed academics, researchers, and hobbyists to access source code that they could reuse, modify, and distribute openly. While the adoption of OSS in the corporate world was initially slow, it grew tremendously over the last two decades, and today almost all corporate software projects include some open source software.


12-Jul-21   |   By Shuo Yang   |   In Teleport, Access Management

This is a guest blog post from Shuo Yang in his blog series “Transitioning to Programming the Cloud”, as a part of our blog posts focusing on Identity, Security and Access. We talked about how AWS CIP, STS and IAM can serve as the foundation of application authorization in our last post, i.e., how the application gets the temporary credential representing a specific role (i.e. privileges) to access the resources of the applications — an architecture understanding how different building blocks work together under the hood.

6 Strategies for Cybersecurity Risk Mitigation

12-Jul-21   |   By Kasey Hewitt   |   In SecurityScorecard, Risk Management

This past year saw nearly a 300% increase in reported cybercrimes, according to the FBI’s Internet Crime Complaint Center (IC3). There has been a clear rise in threat volume and sophistication as many cybercriminals shift to techniques that can effectively evade detection and easily go after high-value targets. IoT devices are becoming a focus for threat actors, and threats related to credential harvesting and ransomware are also growing in number. Additionally, some cybercriminals are moving their infrastructure to the cloud in hopes of blending in among legitimate services.

Cloud Security Best Practices: Four Tips for Moving Security Technologies to the Cloud

12-Jul-21   |   By Gunter Ollmann   |   In Devo, Cloud

In my previous post, I discussed cloud-computing security challenges identified in our new report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits. Based on a survey conducted by Enterprise Strategy Group (ESG), the report found that while cloud computing does initially introduce security challenges and increased complexity, it’s worth it in the end. That said, CISOs need to strategically invest time and resources to achieve better security outcomes. In this final post in the series, I’ll outline how to shift to the cloud efficiently and securely.

Top 5 high severity CVEs detected by Detectify since June 2020

12-Jul-21   |   By Detectify   |   In Detectify, Security

We’re going to highlight the Top high severity CVEs found by Detectify. Thanks to the Crowdsource global community of handpicked ethical hackers, Detectify users get continuous access to the latest threat findings “from the streets” – even actively exploited vulnerabilities for which there aren’t yet any official vendor patches or updates. Since June 2020, our not-your-average Crowdsource hacker community has submitted over 600 vulnerability reports to us, including over 84 zero-days. Sometimes exploits are executed within minutes of discovery across the Internet, which is why the Detectify Security Research team puts an emphasis on deploying hacker-sourced vulnerability research to users as soon as possible.

[Infographics] Data Breach Statistics 2021

09-Jul-21   |   By Elena Vodopyan   |   In Netwrix, Data Breaches

Cybercrime has been on the rise for years now, and it is not showing any signs of slowing down. Indeed, the arrival of the COVID-19 pandemic in 2020 just fueled the situation, and the number of attacks is escalating. Here are important data breach statistics that can help you better understand the risk landscape for 2021.

PrintNightmare (CVE-2021-34527): what is it and how could it affect your organisation?

08-Jul-21   |   By George Glass   |   In Redscan, Security

But what is PrintNightmare, why are people so worried and what can organisations do to defend themselves? We address these issues and others in this PrintNightmare security advisory, which will be updated as new information becomes available.

16 Countries with GDPR-like Data Privacy Laws

08-Jul-21   |   By Mike Woodward   |   In SecurityScorecard, Legislation

Coming into force on May 25th, 2018, the General Data Protection Regulation (GDPR) was a landmark for data protection. Trading blocs, governments, and privacy organizations took note, and over the last three years, GDPR has inspired new data privacy legislation worldwide. In my view, there are two very commercial reasons why a country might adopt a version of the GDPR (aside from data protection for its citizens):

(Figure: Countries with GDPR-like laws in blue - as of May 2021.)

Let’s take a trip around the world and see where things stand three years after the GDPR came into force.

98% of Infosec Pros Say Multi-Cloud Environments Create Additional Security Challenges, Reveals Survey

08-Jul-21   |   By Jess Glackin   |   In Tripwire, Cloud

Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them against data loss and/or downtime, as an issue in one environment won’t necessarily spill over into another. But a multi-cloud strategy isn’t always easy.

What is data security breach? Examples and prevention

08-Jul-21   |   By Editor   |   In Cyphere, Data Breaches

Many compliance standards focus on protecting individual personal information and sensitive data in a world rife with cyber-attacks and data breaches. Now, companies need to make their systems immune to digital intrusion and prepared to reduce the attack surface for strong information security measures around private information. Data breaches are becoming a norm through the more and more rapid transition of physical businesses to online businesses and more online activities. Each day we come across the news of cyber attacks resulting in sensitive data breaches and sensitive information posted on the DarkWeb portals or hackers forums.

Copyright © 2021 OpsMatters, All rights reserved.