HackDig : Dig high-quality web security articles for hackers

Canonical Publishes Secure Container Application Images on Docker Hub

Canonical, the publisher of the Ubuntu Linux distribution, announced on Tuesday that it has made available long-term support (LTS) container images on Docker Hub, promising up to 10 years of security maintenance.Canonical’s LTS Docker Image Portfolio includes both free and commercial images. Some of these hardened images have a five-year free security mainte
Publish At:2020-11-24 11:45 | Read:109 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Cloud Security

AWS Network Firewall Now Generally Available

Amazon Web Services (AWS) on Tuesday announced the general availability of AWS Network Firewall, a managed security service designed to help customers protect their virtual networks.AWS Network Firewall can easily be enabled from the AWS Console for specified virtual private cloud (VPC) environments, and the company says there are no extra charges for users
Publish At:2020-11-18 14:05 | Read:54 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security

VoltPillager: New Hardware-Based Voltage Manipulation Attack Against Intel SGX

A group of researchers from the University of Birmingham has devised a new attack that can break the confidentiality and integrity of Intel Software Guard Extensions (SGX) enclaves through controlling the CPU core voltage.The attack relies on VoltPillager, “a low-cost tool for injecting messages on the Serial Voltage Identification bus between the CPU and th
Publish At:2020-11-16 15:17 | Read:158 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Cloud Security Vulnera

Data Security: Building for Today’s Hybrid Cloud World

When it comes to data security, do you feel you have the full story? And if you do, is that full story captured in one book or across different volumes? Due to what some in the industry have lovingly called ‘tool sprawl,’ the average IT and security team spends its day referencing anywhere from 10 to 30 different solutions. If even a fraction of
Publish At:2020-11-12 14:52 | Read:167 | Comments:0 | Tags:Cloud Security Security Services Data Security Hybrid Cloud

Menlo Security Raises $100 Million at $800 Million Valuation

Cloud security company Menlo Security on Thursday announced that it has raised $100 million in a Series E funding round, valuing the firm at $800 million.The latest funding round, which brings the total raised by Menlo Security to $260.5 million, was led by Vista Equity Partners, with participation from Neuberger Berman, General Catalyst, JP Morgan and other
Publish At:2020-11-12 13:46 | Read:157 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Management & Strategy

Implement Cloud Security Best Practices With This Guide

As more employees opt for remote work, organizations rely on cloud computing options for easy access to corporate data and applications. This dependence on the cloud also puts a new emphasis on cloud security.   Yet, cloud security continues to be an afterthought for many companies. Industry leaders may be confused over who is responsible for security
Publish At:2020-11-12 10:58 | Read:84 | Comments:0 | Tags:Cloud Security Cloud Computing Cloud Strategy Cloud security

Building a Security Alliance with Your Cloud Partners

As more infrastructure is moved to the cloud, there are many opportunities to reconsider your security stance and relationships to build ever stronger and more secure IT solutions whilst reducing your security costs. In this post, I’m looking to explore some ways that you can build out your alliances to be better prepared and battle-worthy on the digital sec
Publish At:2020-11-05 03:19 | Read:123 | Comments:0 | Tags:Cloud cloud security cloud services hybrid cloud security

Securing Data-in-Use With Confidential Computing

Confidential Computing Capabilities and Services Will be a Competitive Differentiator for Cloud ProvidersMost organizations should have mastered by now the first two pillars of data protection – securing data-at-rest and data-in-transit – across their hybrid enterprise environments. The third data protection pillar – securing data-in-use (i.e., protecting an
Publish At:2020-11-03 19:10 | Read:188 | Comments:0 | Tags:INDUSTRY INSIGHTS Cloud Security Data Protection

Asset Discovery Startup Lucidum Launches With $4 Million in Seed Funding

San Jose, California-based asset discovery company Lucidum emerged from stealth mode on Friday with $4 million in seed funding.Lucidum has developed a platform that leverages machine learning to analyze data from nearly 100 existing tools and platforms in an effort to provide visibility into computers, mobile and IoT devices, cloud environments, and microser
Publish At:2020-10-30 13:46 | Read:213 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Cloud Security Manageme

StackRox Releases Open Source Tool for Finding Kubernetes Misconfigurations

Container and Kubernetes security company StackRox on Wednesday announced the release of KubeLinter, an open source tool designed to help users identify misconfigurations in Kubernetes deployments.KubeLinter is a static analysis tool that checks YAML files, which store configuration data for Kubernetes applications, to ensure that security best practices are
Publish At:2020-10-28 14:58 | Read:161 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security

Cybersecurity Strategy: Building Trust on Shifting Sands

This is the first in a blog series about building and maintaining brand trust.  Transforming the enterprise for digital business requires a change in technology, process and culture. Along with this comes necessary changes on a cybersecurity strategy. Like walking on shifting sands, keeping cybersecurity strategy top of mind while going through major b
Publish At:2020-10-27 20:34 | Read:198 | Comments:0 | Tags:Application Security Cloud Security Risk Management Security

Microsoft Introduces New Password Spray Detection for Azure

Microsoft this week announced the availability of a new password spray detection for Azure AD Identity Protection customers.Password spraying represents one of the most common forms of attack, where threat actors attempt to breach organizations by trying common passwords against multiple accounts. According to Microsoft, one-third of account compromises are
Publish At:2020-10-27 15:34 | Read:135 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Cloud Security

Palo Alto Networks Threatens Legal Action Over Product Comparison

Palo Alto Networks has threatened legal action against cloud visibility solutions provider Orca Security after the latter published a video comparing products from the two companies.The issue was made public last week in a blog post written by Avi Shua, co-founder and CEO of Orca Security. The video made by Orca in August, which is still available on YouTube
Publish At:2020-10-26 12:16 | Read:108 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Management & Strategy

Crisis and an Incontestable Need for Security — A Business Viewpoint

Data, data, data.  We have plenty of it, and in the eyes of some, it’s considered too much of a good thing. In practical terms, too much data often translates into blurred sight lines or the likely abetting of threats hiding within our environment. Improperly managed, it surely affects one’s ability to simply ‘see’ what’s
Publish At:2020-10-19 09:46 | Read:274 | Comments:0 | Tags:Cloud Security Data Protection Security Services Cybersecuri

Modernizing Your Security Operations Center for the Cloud

Several factors are converging to exert pressure on how security operations centers (SOCs) traditionally function. Evolving information technology (IT) infrastructure, such as cloud migration, serverless services and endpoints being off-network, are straining existing SOC methodologies and tooling. The attack surface is expanding as a result of the distribu
Publish At:2020-10-14 06:45 | Read:248 | Comments:0 | Tags:Cloud Security Incident Response Risk Management Cloud Secur