%term

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

The new ransomware-as-a-service (RaaS) operation MichaelKors

May 30, 2023 By Vincent de Vries In OpsLogix

A new ransomware-as-a-service (RaaS) operation called MichaelKors has recently emerged, which targets Linux and VMware ESXi systems. The cybersecurity firm CrowdStrike warns that this trend is significant since ESXi does not support third-party agents or antivirus software which makes it an attractive target for cybercriminals.

Read Post

OpsLogix

Read more about The new ransomware-as-a-service (RaaS) operation MichaelKors

CFEngine: The agent is in 25 - Migrating traditionally managed policy to cfbs

May 30, 2023 By CFEngine In CFEngine

"CFEngine: The Agent Is In" is our monthly webinar series, where we show new features, teach best practices, and keep the community informed about everything CFEngine.

View Video

CFEngine

Read more about CFEngine: The agent is in 25 - Migrating traditionally managed policy to cfbs

The Dark Side of DevSecOps and the case for Governance Engineering

May 29, 2023 By Mike Long In Kosli

For today’s software organizations security has never been more top of mind. On one side there is the present and growing threat of being hacked by malicious actors, set out in Crowdstrike’s recent Global threat report. And, on the other, there is a wave of cybersecurity regulation from the government to mitigate such cybersecurity vulnerabilities.

Read Post

Kosli

Read more about The Dark Side of DevSecOps and the case for Governance Engineering

The Swedbank Outage shows that Change Controls don't work

May 29, 2023 By Mike Long In Kosli

This week I’ve been reading through the recent judgment from the Swedish FSA on the Swedbank outage. If you’re unfamiliar with this story, Swedbank had a major outage in April 2022 that was caused by an unapproved change to their IT systems. It temporarily left nearly a million customers with incorrect balances, many of whom were unable to meet payments.

Read Post

Kosli

Read more about The Swedbank Outage shows that Change Controls don't work

SIEM Tools: For Enhanced Threat Intelligence and System Security

May 29, 2023 By Aiswarya S In Atatus

SIEM is an overarching mechanism combining Security Event Management (SEM) and Security Information Management (SIM). It is a combination of different tools such as Event Logs, Security Event Logs, Event Correlation, SIM etc. These work in tandem to provide you an up-to-date threat intelligence infrastructure and enhanced security for your applications and hardware.

Read Post

Atatus

Read more about SIEM Tools: For Enhanced Threat Intelligence and System Security

Agent and agentless: An ongoing battle

May 26, 2023 By Tyler Constable In Avantra

Observability of an SAP environment is critical. Whether you have a large complex and hybrid environment or a small set of simply architected systems, the importance of these systems is probably crucial to your business. Just thinking about system outages keeps us up at night, let alone the pressure of system performance, cross system communication and proper backend processing.

Read Post

Avantra

Read more about Agent and agentless: An ongoing battle

How to Conduct a Workplace Risk Assessment

May 26, 2023 By OpsMatters In OpsMatters

Workplaces are unavoidably hazardous places, no matter how anodyne they may seem from outside. Administrative offices may have chemical cleaning products lurking behind kitchenette cupboards, or electrical hazards within arm's reach of a desk. For this reason, risk assessments are a vital part of every business' health and safety programmes. How should one be conducted, though?

Read Post

OpsMatters

Read more about How to Conduct a Workplace Risk Assessment

How to secure your MLOps tooling?

May 26, 2023 By Andreea Munteanu In Canonical

Generative AI projects like ChatGPT have motivated enterprises to rethink their AI strategy and make it a priority. In a report published by PwC, 72% of respondents said they were confident in the ROI of artificial intelligence. More than half of respondents also state that their AI projects are compliant with applicable regulations (57%) and protect systems from cyber attacks, threats or manipulations (55%). Production-grade AI initiatives are not an easy task.

Read Post

Canonical

Read more about How to secure your MLOps tooling?

SSL Handshakes Explained #ssl #frontend #frontenddeveloper #cloudservices

May 26, 2023 By Sematext In Sematext

View Video

Sematext

Read more about SSL Handshakes Explained #ssl #frontend #frontenddeveloper #cloudservices

How to manage CVE security vulnerabilities with Grafana, MergeStat, and OSV-Scanner

May 25, 2023 By Patrick DeVivo In Grafana

Patrick DeVivo is a software engineer and founder of MergeStat, an open source project that makes it possible to query the contents, history, and metadata of source code with SQL. The security posture of software supply chains has been a significant topic lately. Recent high-profile breaches have shown the importance of managing risks from third party code. Take, for example, the Log4Shell vulnerability (tracked as CVE-2021-44228 — Grafana Labs was not affected).

Read Post