As business has become more digital, data has become the most valuable asset of many organizations. But protecting that data has also become much more compli­cated as organizations increasingly migrate it to a mix of public and private cloud infra­structures, such as Microsoft Azure, Amazon Web Services, and Google Cloud.

Recently, a critical out-of-bounds vulnerability, assigned to CVE-2021-44142, was disclosed in Samba versions prior to 4.13.17. The Samba vulnerability carries a critical CVSS of 9.9 and allows attackers to remotely execute code on machines running a Samba server with a vulnerable configuration. The vulnerability was disclosed as part of the Pwn2Own Austin competition where researchers are challenged to exploit widely-used software and devices with unknown vulnerabilities.

Any cybersecurity breach is damaging to individual companies. But when it becomes a supply chain attack, the results can be chaotic and widespread. While most businesses overlook the dangers of supply chain cyber attacks, hackers have not. Malicious actors are continuously looking for, and finding, new ways to invade company networks. With these looming threats, companies must know how to prevent supply chain attacks and find new means of securing against cybersecurity breaches.

Many US military, government or critical national infrastructure organisation workloads that require FIPS compliance are also required to be deployed in air-gapped environments to provide an extra layer of protection.

Operators using VMware Tanzu Mission Control can now create and manage image registry secrets. This new feature of Tanzu Mission Control enables people to create image registry secrets in a single namespace and make them available for use by all namespaces in a cluster, providing a single place to manage all registry secrets for that cluster.

I was asked to write a pledge to help promote the importance of Safer Internet Day, which is taking place February 8. If you are not familiar with Safer Internet Day, it is a day dedicated to highlighting practical ways in which you can be involved in creating and maintaining a better online world. You can read more about it here. I took on this task and actually came up with two pledges: a personal and business one.

Today, anyone can contribute to some of the world’s most important software platforms and frameworks, such as Kubernetes, the Linux kernel or Python. They can do this because these platforms are open source, meaning they are collaboratively developed by global communities. What if we applied the same principles of democratization and free access to cybersecurity?

Plugins can help teams unlock the full potential of Mattermost, but they aren’t always ready to go out of the box. Learn how Chimera streamlines plugin configuration via an OAuth2 Proxy. One of the best aspects of any software offered in the Cloud is the ability to start using it in just a matter of minutes. The same is true for the Mattermost Cloud offering.

Last year we had a look at managing local groups with the custom groups promise type. As you may or may not recall, we used JSON-strings to imitate CFEngine bodies. This was due to the fact that the promise module protocol did not support bodies at that time. Today, on the other hand, we’re happy to announce that as of CFEngine 3.20, this will no longer be the case. In this blog post we’ll introduce the long awaited feature; custom bodies.

Enterprises are dealing with a deluge of observability data for both IT and security. Worldwide, data is increasing at a 23% CAGR, per IDC. In 5 years, organizations will be dealing with nearly three times the amount of data they have today. There is a fundamental tension between enterprise budgets, growing significantly less than 23% a year, and the staggering growth of data.