From the history of supply chain security threats to security development and deployment we've covered everything you’ve always wanted to know about the software supply chain but were afraid to ask. Dan Lorenc, Founder/CEO, Chainguard, Paddy Carey, Senior Staff Engineer, Cloudsmith, Adil Leghari, Solutions Architect Manager, Cloudsmith and Dan McKinney, Developer Relations, Cloudsmith, gathered for a fireside chat to cover your most burning questions.

Apple once ran, and caught a reasonable amount of flak for, an ad that implied Macs didn’t get viruses. The PC (John Hodgman) in the ad says there were “114,000 known viruses” for PCs in 2006, to which the Mac (Justin Long) replies, “PCs. Not Macs.” While misleading, it’s technically correct, which may have been sufficient to avoid truth-in-advertising lawsuits.

A few days ago, security researcher Max Kellermann published a vulnerability named DirtyPipe which was designated as CVE-2022-0847. This vulnerability affects the Linux kernel and if exploited, can allow a local attacker to gain root privileges. The vulnerability gained extensive media follow-up, since it affects all Linux-based systems with a 5.8 or later kernel, without any particular exploitation prerequisites.

According to Gartner, by 2023, 60% of enterprises will phase out their VPN in favor of Zero Trust Network Access (ZTNA). In this blog, discover the four key advantages of ZTNA vs VPN. VPN (Virtual Private Network) has been the dominant solution securing remote access for users and has been considered a good solution for almost three decades. VPN benefits included keeping data secure, protecting online privacy, and reducing bandwidth throttling.

It is always big news when governmental organizations are attacked. And they are attacked frequently. Hackers love headlines, which is one reason to go after high profile government targets. But the real reason hackers love governmental organizations is because that’s where the juicy data is. Even small governmental organizations hold confidential and classified information—exactly the secrets state-sponsored groups and other cybercriminals drool over.

Cyber attacks present an imminent threat to our digital assets. And they come in a variety of ways, including computer viruses, Denial-of-service (DoS), hacking, ransomware, memcached. In February 2022, White House deputy national security adviser for cyber and emerging technology Anne Neuberger claimed that the Russian hackers conducted a DDoS attack on the Ukrainian banks and Ministry of Defense before their military attacks.

Microsoft Azure Sentinel is an intelligent, next-generation security information and event management (SIEM) solution designed to detect threat anomalies. Azure Sentinel is also categorized as a security orchestration automated response (SOAR) service that expedites the incident detection and event response process for cybersecurity teams. Azure Sentinel provides an extra layer of security to protect critical resources across an organization.

With the exponential rise in cybercrimes in the last decade, cybersecurity for businesses is no longer an option — it’s a necessity. Fuelled by the forced shift to remote working due to the pandemic, US businesses saw an alarming 50% rise in reported cyber attacks per week from 2020 to 2021. Many companies still use outdated technologies, unclear policies, and understaffed cybersecurity teams to target digital attacks.