Friday, December 8, 2023

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library

Home
Security Bloggers Network
Webinars
Events
- Upcoming Events
- On-Demand Events
Sponsored Content
Chat
Library
Related Sites
Media Kit
About
Sponsor

Analytics
AppSec
CISO
Cloud
DevOps
GRC
Identity
Incident Response
IoT / ICS
Threats / Breaches
More
Humor

Hot Topics

Trojan Malware Hidden in Cracked macOS Software, Kaspersky Says
Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan
DEF CON 31 - Alexander Dalsgaard Krog’s, Alexander Skovsende’s ‘Backdoor In The Core - Altering Intel x86 Instruction Set At Runtime’
Enhancing Executive Cyber Health: BlackCloak's Personalized Security Solutions
Fighting the Next Generation of Fraud

macOS malware cracked software trojan

Trojan Malware Hidden in Cracked macOS Software, Kaspersky Says

Dec 8 | Jeffrey Burt

A caricature of Russian president-for-life Vladimir Vladimirovich Putin

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

Dec 8 | Richi Jennings

fraud e-commerce E-Retailers: Stay Secure

Identity Fraud Rises as E-Commerce, Payment Firms Targeted

Dec 8 | Nathan Eddy

CISA memory safe programming language

CISA to Developers: Adopt Memory Safe Programming Languages

Dec 7 | Jeffrey Burt

Dragos OT cybersecurity critical infrastructure

Dragos Offers Free OT Security Tools to Small Utilities

Dec 7 | Jeffrey Burt

Topic Spotlight

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

December 8, 2023 | Richi Jennings

23andMe Finally Admits: 6.9 MILLION Users’ PII Breached

December 5, 2023 | Richi Jennings

TikTok Ban Banned — Montana Loses in US Court

December 1, 2023 | Richi Jennings

Analytics and Intelligence

Trojan Malware Hidden in Cracked macOS Software, Kaspersky Says

Cybersecurity Data Security Endpoint Featured Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence

Trojan Malware Hidden in Cracked macOS Software, Kaspersky Says

December 8, 2023 Dec 8 | Jeffrey Burt 0

Analytics & Intelligence Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Deep Fake and Other Social Engineering Tactics Digital Transformation Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Security Challenges and Opportunities of Remote Work Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

December 8, 2023 Dec 8 | Richi Jennings 0

Analytics & Intelligence Cybersecurity Data Privacy Data Security Governance, Risk & Compliance Identity & Access Security Boulevard (Original) Social - X Social Engineering Threat Intelligence Threats & Breaches Vulnerabilities

Fighting the Next Generation of Fraud

December 8, 2023 Dec 8 | Alex Zeltcer 0

More Analytics and Intelligence

Application Security

Application Security Identity & Access Security Bloggers Network Vulnerabilities

SonicWall WXA – Authentication Bypass and Remote Code Execution Vulnerability

December 7, 2023 Dec 7 | emmaline 0

Application Security Security Bloggers Network

Is Web Scraping Illegal? Depends on Who You Ask

December 7, 2023 Dec 7 | Erez Hasson 0

Application Security Security Bloggers Network

Critical OWASP Mobile Top 10 2023 Vulnerabilities [+Mobile App Pen-testing Checklists]

December 7, 2023 Dec 7 | Vinugayathri Chinnasamy 0

More Application Security

CISO

CISO Suite Security Bloggers Network

The Top 5 trends every CISO needs to know for 2024

December 7, 2023 Dec 7 | Nicole Lavella 0

CISO Suite Security Bloggers Network

A deep dive into Browser Security

December 7, 2023 Dec 7 | Negin Aminian 0

CISO Suite Security Bloggers Network

ChatGPT one year later: Challenges and learnings

December 5, 2023 Dec 5 | Sarah Hartman 0

Cloud Security

Dragos Offers Free OT Security Tools to Small Utilities

Cloud Security Cybersecurity Data Security DevOps Featured Industry Spotlight IoT & ICS Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence

Dragos Offers Free OT Security Tools to Small Utilities

December 7, 2023 Dec 7 | Jeffrey Burt 0

Cloud Security DevOps Security Bloggers Network

What is Azure Policy: All You Need to Know

December 7, 2023 Dec 7 | Tally Shea 0

Application Security Cloud Security Cybersecurity Data Security Identity & Access Malware Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches

CISA: Hackers Use ColdFusion Flaw to Breach Federal Agency

December 6, 2023 Dec 6 | Jeffrey Burt 0

More Cloud Security

DevOps Security

DevOps Endpoint Incident Response Network Security Security Bloggers Network

How Data Ingestion Works in SOAR

December 7, 2023 Dec 7 | Flora Zhang, Engineering 0

DevOps Security Bloggers Network

The Top 5 trends every DevOps leader needs to know for 2024

December 7, 2023 Dec 7 | Aaron Linskens 0

Cybersecurity Data Security DevOps Endpoint Featured Industry Spotlight Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Vulnerabilities

CISA to Developers: Adopt Memory Safe Programming Languages

December 7, 2023 Dec 7 | Jeffrey Burt 0

More DevOps Security

Incident Response

Concerned About Business Email Compromise? 4 Technologies That Can Help

Analytics & Intelligence Cybersecurity Data Security Incident Response Mobile Security Security Boulevard (Original) Social - X Social Engineering Threat Intelligence Threats & Breaches Vulnerabilities

Concerned About Business Email Compromise? 4 Technologies That Can Help

December 7, 2023 Dec 7 | Gilad David Maayan 0

Analytics & Intelligence Application Security Cybersecurity Governance, Risk & Compliance Incident Response Mobile Security Security Boulevard (Original) Social - X Threat Intelligence Threats & Breaches Vulnerabilities

5 Security Benefits of Application Mapping

December 6, 2023 Dec 6 | Gilad David Maayan 0

Analytics & Intelligence Cybersecurity Data Security Governance, Risk & Compliance Incident Response Security Awareness Security Boulevard (Original) Social - X Threat Intelligence Threats & Breaches Vulnerabilities

Understanding Each Link of the Cyberattack Impact Chain

December 6, 2023 Dec 6 | Matt Lindley 0

More Incident Response

IoT & ICS Security

Use Windows 10? You Must PAY for Security

API Security Application Security AppSec Cybersecurity Data Privacy Data Security Editorial Calendar Endpoint Featured Humor Industry Spotlight IoT & ICS Security Malware Most Read This Week Network Security News Popular Post Ransomware Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Security Challenges and Opportunities of Remote Work Software Supply Chain Security Spotlight Threats & Breaches Vulnerabilities

Use Windows 10? You Must PAY for Security

December 6, 2023 Dec 6 | Richi Jennings 0

Cybersecurity Data Security DevOps Industry Spotlight IoT & ICS Security Malware Network Security News Security Boulevard (Original) Social - X Social Engineering Spotlight Threat Intelligence

Russian-Backed Hackers Target High-Value US, European Entities

December 6, 2023 Dec 6 | Jeffrey Burt 0

Cloud Security Cybersecurity Endpoint Featured Industry Spotlight IoT & ICS Security Malware Mobile Security Network Security News Security Boulevard (Original) Social - X Spotlight Threat Intelligence

P2PInfect Botnet Is Now Targeting MIPS-Based IoT Devices

December 4, 2023 Dec 4 | Jeffrey Burt 0

More IoT & ICS Security

Threats and Breaches

Identity Fraud Rises as E-Commerce, Payment Firms Targeted

Analytics & Intelligence Cybersecurity Data Security Featured Governance, Risk & Compliance Identity & Access News Security Boulevard (Original) Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities

Identity Fraud Rises as E-Commerce, Payment Firms Targeted

December 8, 2023 Dec 8 | Nathan Eddy 0

Data Security Security Bloggers Network Threats & Breaches

Millions affected by breaches affecting 23andMe, medical transcription service

December 7, 2023 Dec 7 | Rosa Lear 0

Data Security Security Bloggers Network Threats & Breaches

New Rules on Cybersecurity Reporting Come Into Force Next Week | ARIA

December 7, 2023 Dec 7 | ARIA Cybersecurity Solutions 0

More Threats and Breaches

Industry Spotlight

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

Analytics & Intelligence Application Security Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Deep Fake and Other Social Engineering Tactics Digital Transformation Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Mobile Security Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Security Challenges and Opportunities of Remote Work Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

December 8, 2023 Dec 8 | Richi Jennings 0

TA446’s new TTPs: “Star Blizzard” FSB team called out by Five Eyes governments (again).

CISA to Developers: Adopt Memory Safe Programming Languages

Cybersecurity Data Security DevOps Endpoint Featured Industry Spotlight Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Vulnerabilities

CISA to Developers: Adopt Memory Safe Programming Languages

December 7, 2023 Dec 7 | Jeffrey Burt 0

Dragos Offers Free OT Security Tools to Small Utilities

Cloud Security Cybersecurity Data Security DevOps Featured Industry Spotlight IoT & ICS Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence

Dragos Offers Free OT Security Tools to Small Utilities

December 7, 2023 Dec 7 | Jeffrey Burt 0

Use Windows 10? You Must PAY for Security

API Security Application Security AppSec Cybersecurity Data Privacy Data Security Editorial Calendar Endpoint Featured Humor Industry Spotlight IoT & ICS Security Malware Most Read This Week Network Security News Popular Post Ransomware Securing the Edge Security at the Edge Security Awareness Security Boulevard (Original) Security Challenges and Opportunities of Remote Work Software Supply Chain Security Spotlight Threats & Breaches Vulnerabilities

Use Windows 10? You Must PAY for Security

December 6, 2023 Dec 6 | Richi Jennings 0

Russian-Backed Hackers Target High-Value US, European Entities

Cybersecurity Data Security DevOps Industry Spotlight IoT & ICS Security Malware Network Security News Security Boulevard (Original) Social - X Social Engineering Spotlight Threat Intelligence

Russian-Backed Hackers Target High-Value US, European Entities

December 6, 2023 Dec 6 | Jeffrey Burt 0

Upcoming Webinars

How Boundless Software Accelerated Customer Onboarding With Calico Cloud and Amazon EKS

How Boundless Software Accelerated Customer Onboarding With Calico Cloud and Amazon EKS

December 11, 2023, 11 AM EST

Boundless Software used Calico Cloud and Amazon Elastic Kubernetes Service (EKS) to streamline their infrastructure operations and services, achieve SOC 2 compliance and build out their scalable Switchblade architecture. This significantly reduced ... Read More

API Security

API Security

December 11, 2023, 1 PM EST

As more APIs are deployed and invoked, the number of cybersecurity incidents involving these endpoints is starting to rise. Cybercriminals now realize APIs are not only vulnerable; they also make it simpler ... Read More

Click here for Industry spotlight inclusion guidelines

The Industry Spotlight Section of Security Boulevard is the place where tools and service providers in the security field contribute to the community discussion with original content. While there are vendor blogs in the Security Bloggers Network, original content from these vendors are featured here. The articles here must meet several criteria to be published:

* Must be original when published
* Must be vendor neutral
* Must be transparent as to authorship
* Must be of value to the community

Articles in the spotlight are authored by vendors. Some are even sponsored. If you want to take the information with a grain of salt, that is entirely up to you. When you think about it, who knows the use cases, product capabilities and markets better than vendors? If you would like to submit an article to this section, please write to [email protected].

Techstrong TV – Live

Click full-screen to enable volume control

Watch latest episodes and shows

Upcoming Webinars

Mon 11

How Boundless Software Accelerated Customer Onboarding With Calico Cloud and Amazon EKS

December 11 @ 11:00 am - 12:00 pm

Mon 11

API Security

December 11 @ 1:00 pm - 2:00 pm

Thu 14

AWS Immersion Day: Securing Your Infrastructure-as-Code With Snyk and HashiCorp

December 14 @ 1:00 pm - 3:00 pm

Tue 19

Best Practices to Secure and Protect Modern Software Applications

December 19 @ 9:00 am - 10:00 am

Feb 12

Ransomware

February 12, 2024 @ 1:00 pm - 2:00 pm

Mar 11

Securing Open Source

March 11, 2024 @ 1:00 pm - 2:00 pm

May 20

Zero-Trust

May 20, 2024 @ 1:00 pm - 2:00 pm

Subscribe to our Newsletters

Security Bloggers Network - Latest

2 hours ago | Jeffrey Burt

Trojan Malware Hidden in Cracked macOS Software, Kaspersky Says

2 hours ago | Richi Jennings

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

3 hours ago | Marc Handelman

DEF CON 31 – Alexander Dalsgaard Krog’s, Alexander Skovsende’s ‘Backdoor In The Core – Altering Intel x86 Instruction Set At Runtime’

4 hours ago | Rob Duncan

Enhancing Executive Cyber Health: BlackCloak’s Personalized Security Solutions

5 hours ago | Alex Zeltcer

Fighting the Next Generation of Fraud

Most Read on the Boulevard

Limiting Remote Access Exposure in Hybrid Work Environments

23andMe Finally Admits: 6.9 MILLION Users’ PII Breached

Russian-Backed Hackers Target High-Value US, European Entities

Exposed Hugging Face APIs Opened AI Models to Cyberattacks

Use Windows 10? You Must PAY for Security

Application Security Trends & Challenges with Tanya Janca

Top Characteristics of a QR Code Phishing Email

Kubernetes Security: Sensitive Secrets Exposed

“Do Not Push To Production” And Other Insecure Code, Demonstrated By An Ethical Hacker

Best Practices for Efficient and Secure Cloud Deployments

Top Stories

Analytics & Intelligence Cybersecurity Data Security Featured Governance, Risk & Compliance Network Security News Security Boulevard (Original) Social - X Spotlight Threats & Breaches Vulnerabilities

Survey Surfaces Wasted Efforts Collecting Cybersecurity Data

December 6, 2023 Michael Vizard | 2 days ago 0

Analytics & Intelligence Application Security AppSec Cloud Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security DevOps DevSecOps Digital Transformation Editorial Calendar Featured Governance, Risk & Compliance Humor Identity & Access Identity and Access Management Incident Response Industry Spotlight Most Read This Week Network Security News Popular Post Regulatory Compliance Securing the Cloud Security Awareness Security Boulevard (Original) Security Operations Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches Vulnerabilities Zero-Trust

23andMe Finally Admits: 6.9 MILLION Users’ PII Breached

December 5, 2023 Richi Jennings | 3 days ago 0

Cloud Security Cybersecurity Data Security DevOps Featured Industry Spotlight Network Security News Security Awareness Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities

Exposed Hugging Face APIs Opened AI Models to Cyberattacks

December 4, 2023 Jeffrey Burt | 3 days ago 0

Security Humor

A caricature of Russian president-for-life Vladimir Vladimirovich Putin

Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan

Join the Community

Add your blog to Security Bloggers Network
Write for Security Boulevard
Bloggers Meetup and Awards
Ask a Question
Email: [email protected]

Useful Links

About
Media Kit
Sponsor Info
Copyright
TOS
DMCA Compliance Statement
Privacy Policy

Related Sites

Techstrong Group
Cloud Native Now
DevOps.com
Digital CxO
Techstrong Research
Techstrong TV
Techstrong.tv Podcast
DevOps Chat
DevOps Dozen
DevOps TV

Powered by Techstrong Group

Copyright © 2023 Techstrong Group Inc. All rights reserved.

Cloud Workload Resilience PulseMeter

Step 1 of 8

12%

How do you define cloud resiliency for cloud workloads? (Select 3)(Required)

The ability to recover from failures, high loads and cyberattacks.

Continue servicing workload requests during the recovery of failed components or services.

Implementing security measures to protect cloud workloads from cybersecurity threats like DDoS.

Maintaining uninterrupted service in the face of software, infrastructure and network failures or disruptions.

Designing cloud workloads to adapt to sudden changes in demand automatically.

Regularly performing backups to prevent data loss and enable quick recovery in case of failures.

Designing cloud workloads so they can more easily move between cloud locations and service providers.

Using geographically distributed or redundant cloud data centers.

Resiliency is just another marketing buzzword.

In what ways does cloud-native architecture improve the resiliency of workloads deployed in the cloud? (Rank order)

Smaller, self-contained microservices fail independently without impacting overall availability.
Containerized software provides isolation and consistency, making it easier to scale and recover from failure.
Stateless design patterns increase scalability and can fail independently without impacting other parts of cloud applications.
Serverless design pattern allows events to initiate the operation of the discrete functions as needed.
Cloud-native architecture significantly influences the resiliency of cloud-deployed applications.
Cloud-native architecture provides limited or no resiliency improvement.

How important is improving the resiliency of cloud workloads for your organization in 2024? (Select 1)(Required)

The number-one priority

In the top three priorities

In the top 10 priorities

Important but not a priority

Not important

Which of the following do you use to improve the resiliency of cloud workloads? (Select all that apply)(Required)

Containers

Microservices

Container orchestration

Serverless

Multiple cloud providers

Infrastructure-as-code (IaC)

Data distribution or replication

Observability tools based on OpenTelemetry

Failure testing

What factors in cloud-native (microservices) workloads increase resiliency? (Rank order)

Distribute workloads
Portable workloads across multiple cloud providers
Move some workloads to the edge
Kubernetes clusters for failover and load distribution
Stateless software design
Increased security posture
Setting meaningful and achievable resiliency goals

What are the most significant challenges to improving the resiliency of cloud workloads or cloud-native applications? (Select all that apply)(Required)

Lack of skills and knowledge

Legacy or existing architecture of applications

Large amount of technical debt

Multiple or conflicting definitions of resiliency

Inability to gain executive support

Ability to test resiliency without impacting service levels

Insufficient funding

Other

How much of your cloud workload is cloud-native today? (Select 1)(Required)

100% - all cloud-native

Greater than 50%

25-50%

Under 25%

0% - No cloud-native

What is your business or organization's size (# employees)? (Select 1)(Required)

1 - 100

101 - 500

501 - 1000

1001 - 5000

Over 5000

Δ