Confusion persists around DevOps because the term "has been used and abused so much it's lost all meaning," said Mark Nunnikhoven, VP of cloud research for Trend Micro, speaking Tuesday at the Gartner Security and Risk Management Summit in National Harbor, Maryland. DevOps tools have emerged and organizations have marketed "DevOps people." But at its core DevOps is a philosophy designed to balance two formerly disparate parts of an organization: development and operations.
The WannaCry cybersecurity attack in May, 2017, targeted tens of thousands of computers scattered across more than 70 countries. The attackers, thought to a be a group located in North Korea, demanded ransom fees in bitcoin. They promised to unfreeze computers in return.
It's been three years since researchers first discovered automated tank gauges (ATGs) at some 5,000 US gas stations exposed on the public Internet without password protection, and a recent scan found 5,635 locations were vulnerable to the same issue.
One of the men behind the Scan4You, a counter-antivirus tool used by cybercriminals to determine whether their malware would be flagged during routine security scans, has been convicted on three counts in federal court.
Everyone has that thing. That trigger that makes a person twitch. Whether that's standing on the left side of an escalator, walking too slow on the sidewalk or coworkers neglecting to take home last Tuesday's Chipotle guacamole (yes, it has indeed gone bad).
Cybercriminals looking to purchase malware are frequent flyers on dark web forums. Often, nefarious actors are in search of the attack that will deliver the greatest gains, which is why it might come as a surprise to learn that many criminals are rolling the dice on crypto-jacking connected devices.
What matters most, right now, to today's information security community, overwhelmed by an increasing number of not only attacks, but also regulations, quantity of solutions and inability to separate snake oil from reality?
Data breaches stemming from misconfigured cloud-based storage servers are utterly preventable, and it's up to the security community to educate organizations about tools that are readily available to scan for such mistakes, according to Mark Nunnikhoven, Trend Micro's VP of cloud research.