The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.” The guidelines include many best practices on how organizations and secure their CI/CD pipeline and enhance the software delivery processes.
Researchers have discovered the first known malware dubbed “Siloscape” targeting Windows containers to open a backdoor into poorly configured Kubernetes clusters.
Security experts from Onapsis and SAP have released a new threat intel report for SAP customers that warns of cyber threat actors targeting unprotected SAP applications.
Microsoft and FireEye have revealed new details on the infamous SolarWinds cyberattack used to spread a virus to 18,000 government and corporate computer networks.
The National Security Agency (NSA) has issued new guidance for adopting encrypted DNS over HTTPS dubbed “DoH.”
The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).
The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a ‘grave risk’ to critical infrastructure, government and private sector organizations.
The Federal Bureau of Investigation (FBI) issued a private industry notification warning that cyberattackers continue to target end of life (EOL) Windows 7 systems.
Security researchers at Intezer Labs detected a new Linux malware dubbed “Doki” and cyber attack that uses blockchain wallet for generating command and control (C2) domain names.