You don't need to be a cybersecurity expert to know that ransomware attacks have become one of today's greatest IT security threats. From WannaCry to the attack against the city of Atlanta, major ransomware exploits have become so commonplace in the last few years that they may seem impossible to avoid. Fortunately, preventing ransomware is far from impossible. Let's take a look at a few strategies you can put in place to mitigate your risk of becoming part of the next ransomware statistic.

Here’s the latest news on Magecart and other website attacks! We’ve trawled the web for the latest news of data breaches, including updates on previous attacks with insights from our own Security Researcher.

Due to a number of vulnerabilities found in the version of Apache we bundle with CFEngine Hub, we have upgraded the CFEngine Hub packages to use an updated version of Apache. We upgrade from Apache 2.4.39 to Apache 2.4.41. We are now releasing a new version, CFEngine Hub 3.12.2-5. Only new Hub packages are being released, as no other packages are affected by these vulnerabilities.

A few months ago, LogicMonitor was certified to the ISO 27000 standards for Information Security management, so I thought I’d take the opportunity to write a bit about our efforts to build our information security certification program as well as our own best practices for secure use of the LogicMonitor platform.

Our user community spoke and we listened. You asked for Xray to be even more universal and support more package types… in particular Go and PHP Composer. With Visual Studio Code (VSCode) now having more than 4.5 million monthly active users, we also added a new VSCode plugin for Xray. This broad adoption of multiple programming languages and package types across organizations, is driving up the need for a more universal DevSecOps solution supporting more package types.

Over my last two posts (part 1 and part 2), I have investigated user authentication in Kubernetes and how to create a single sign-on experience within the Kubernetes ecosystem. So far I have explained how Open ID Connect (OIDC) works, how to get started with OIDC and how to perform a login from the command line. The final piece of this puzzle is the Kubernetes dashboard, often used by our engineers alongside kubectl.

Researchers at Netflix and Google recently reported a vulnerability in the HTTP/2 protocol that enables adversaries to execute a DOS attack by legitimate use of the protocol. These types of attacks are very difficult to detect and mitigate because the traffic is valid HTTP/2 traffic. While HTTP/2 is a relatively new protocol it should be noted that even after several years of hardening we still see vulnerabilities for the TCP protocol like the recently reported SACK vulnerability.