Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.11.06
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Google Launches OpenTitan Project to Open Source Chip Security (Dark Reading, Nov 05 2019) OpenTitan is an open source collaboration among Google and technology companies to strengthen root-of-trust chip design. Microsoft Unveils New Security Tools for Azure (SecurityWeek, Nov 04 2019) […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.10.30
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Microsoft Wins Pentagon’s $10 Billion JEDI Contract, Thwarting Amazon (NYTimes, Oct 25 2019) Amazon was considered a front-runner for the cloud computing project before President Trump began criticizing the company’s founder, Jeff Bezos. Skimming malware found on American Cancer Society’s online […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.10.23
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Microsoft Launches ElectionGuard Bug Bounty Program (SecurityWeek, Oct 22 2019) Microsoft last week announced the launch of a new bug bounty program covering the ElectionGuard open source software development kit (SDK). Autoclerk Database Spills 179GB of Customer, US Government Data (Dark […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.10.16
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Stolen Cloud API Key to Blame for Imperva Breach (Infosecurity Magazine, Oct 14 2019) A security breach which led to the compromise of customer data at Imperva was caused by a stolen API key for one of its Amazon Web Services […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.10.09
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec macOS Catalina: Security and privacy improvements (Help Net Security, Oct 08 2019) First things first: starting with Catalina, the system runs on its own dedicated, read-only APFS volume and – Apple claims – “nothing can accidentally overwrite critical operating system files.” […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.10.02
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Cisco Webex & Zoom Bug Lets Attackers Spy on Conference Calls (Dark Reading, Oct 01 2019) The “Prying-Eye” vulnerability could let intruders scan for unprotected meeting IDs and snoop on conference calls. 60% of Major US Firms Have Been Hacked in […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.09.25
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec DevSecOps: Recreating Cybersecurity Culture (Dark Reading, Sep 18 2019) Bringing developers and security teams together guided by a common goal requires some risk-taking. With patience and confidence, it will pay off. Here’s how. How data breaches forced Amazon to update S3 […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.09.18
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec MITRE Releases 2019 List of Top 25 Software Weaknesses (Dark Reading, Sep 17 2019) The list includes the most frequent and critical weaknesses that can lead to serious software vulnerabilities. Leaky database spills data on 20 million Ecuadorians and businesses (Naked […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.09.11
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Wikipedia fights off huge DDoS attack (Naked Security – Sophos, Sep 11 2019) Wikipedia has suffered what appears to be the most disruptive Distributed Denial of Service (DDoS) attack in recent memory. Court Rules That ‘Scraping’ Public Website Data Isn’t Hacking […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.09.04
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Google throws bug bounty bucks at 3rd-party apps (Naked Security – Sophos, Sep 02 2019) If an app has more than 100 million installs, Google will pay for bugs, even if the app makers already have their own bounty programs. Cloud […]