Operations | Monitoring | ITSM | DevOps | Cloud

Data Breaches

Cybersecurity with Ubuntu

The cybersecurity state of affairs can be described as too complex today. There is an enormous number of threats endangering sensitive data for the average IT team to cope with. Threats ranging from exposure of physical assets stored in an office, to “social engineering” attacks resulting in unauthorized access, or even threats that exploit obscure software vulnerabilities.

Kubernetes security issues: An examination of major attacks

In a never-ending game of cat and mouse, threat actors are exploiting, controlling and maintaining persistent access in compromised cloud infrastructure. While cloud practitioners are armed with best-in-class knowledge, support, and security practices, it is statistically impossible to have a common security posture for all cloud instances worldwide. Attackers know this, and use it to their advantage. By applying evolved tactics, techniques and procedures (TTPs), attackers are exploiting edge cases.

Red Canary says 43% Lack Readiness to Notify Customers of a Security Breach

The phrase ‘stakeholder management” assumes that stakeholders are truly informed by alerts. However, managers can only send communications out, they cannot force people to address them. To ensure your stakeholders are engaged during an incident, it is vital to set up a defined communication process. Yet, a recent Red Canary report1 found that 43% of surveyed participants lack readiness to notify the public and/or its customers in the event of a security breach.

Thoughts On the Codecov Breach

It was revealed just a few days ago that US Federal investigators are looking into an intrusion and insertion of malicious code into Codecov. As many readers here will already know, Codecov is a software auditing tool that analyses your source code to check for the amount of test coverage. The intrusion targeted the Codecov bash uploader, which is a script that provides a way to send coverage reports to Codecov.

The Facebook data breach that affects over 533 million users explained

If you’re a Facebook user, brace yourself for this one. It’s recently come to light that 533 million Facebook users’ details were found on a very suspicious hacker forum. The details found include users’ phone numbers, Facebook IDs, full names, locations, birthdays, and email addresses – all typical information that is stored on a Facebook account.

The Complete Guide to Data Breach Insurance

It’s been noted that there are two types of organizations – those that have suffered a data breach, and those that will fall victim to a data breach sooner than later (most likely sooner). The hard truth of this statement is reflected in the fact that according to some sources 97% of networks will experience a security compromise over any given six-month period. And with a staggering 9.7 billion data records having been breached since 2013, these numbers are only rising.

5 Common Elasticsearch Mistakes That Lead to Data Breaches

Avon and Family Tree aren’t companies you would normally associate with cybersecurity, but this year, all three were on the wrong side of it when they suffered massive data breaches. At Avon 19 million records were leaked, and Family Tree had 25GB of data compromised. What do they have in common? All of them were using Elasticsearch databases. These are just the latest in a string of high profile breaches that have made Elasticsearch notorious in cybersecurity.

7 High-Risk Events to Monitor Under GDPR: Lessons Learned from the ICO's BA Penalty Notice

Hello Security Ninjas, Today's IT world is complex and can be challenging for security operations teams. Nowadays, more apps are being integrated and interconnected than ever before. Cloud services and SaaS solutions purchased all throughout the organization outside of the IT department add even more complexity. Communicating to application and service owners the kind of activities that need to be logged and sent to the SOC can be a daunting task.

Magecart Strike Gold in their Latest Attack on JM Bullion

Our sources state that there has been a 20% increase in web-skimming attacks since the outbreak of the COVID-19 virus. Recently, we have witnessed some high-profile Magecart attacks including Boom! Mobile, Wisepay, PlayBack Now, and the most recent JM Bullion data breach.

Data Breach Detection Measures Include Using a Data Loss Prevention System

The network security basics for your organization should include some type of data breach detection tools. Data breaches are on the rise in recent years, including stealing personal information about employees and customers. From credit card numbers to social security numbers and pay records, hackers have stolen a wide range of data from businesses of all sizes. Any business that does not have data breach detection measures in place is vulnerable.