In May 2024, Amazon Web Services (AWS) launched a new feature for internet-facing Application Load Balancers. This enhancement allows you to provision an internet-facing Application Load Balancer without needing public IPv4 addresses, enabling clients to connect using only IPv6 addresses. To connect, clients resolve the AAAA DNS records assigned to the Application Load Balancer. The […]
Introduction Technologies such as machine learning (ML), artificial intelligence (AI), and Generative AI (GenAI) unlock a new era of efficient and sustainable manufacturing while empowering the workforce. Areas where AI can be applied in manufacturing include predictive maintenance, defect detection, supply chain visibility, demand forecasting, product design, and many more. Benefits include improving uptime and […]
Yossi Kreinin has a new blog post out about how the push for greater efficiency in organizations leads to negative outcomes, because it leads to teams pursuing local efficiency goals rather than do…
Dapr improves the zero trust security posture of distributed systems out of the box by assigning application identities to all apps, ensuring that mTLS is enabled by default for all interservice and infrastructure communication.
TAG post from TAG App Delivery Calling all developers! We're excited to announce the launch of the new App Development Working Group within the TAG App Delivery. This group is dedicated to bridging…
Peter, one of our first Kubestronauts, has been working with Kubernetes only since 2021 but has still managed to pass all of CNCF's Kubernetes certifications. He's currently the Sr. DevOps Engineer /
OpenTelemetry's profiling agent should prove to be useful for users because it goes deeper for observability analysis by extending to the code level.
In this interview, we delve deep into the intricacies of Kubernetes autoscaling with Andy Suderman, CTO of Fairwinds
If you have a business-critical mobile app, you may find your observability solution is dropping some of your mobile app observability data.
OVHcloud mitigates record-breaking 840 Mpps DDoS attack, highlights surge in attack frequency and intensity, and warns of potential MikroTik router th
Join our exclusive webinar to learn how ITDR solutions protect against identity-based cyber attacks. Register now
MicroOS is OpenSUSE's container-centric immutable Linux distribution. Here is how to set it up and give it a test run.
Learn how Continuous Threat Exposure Management (CTEM) can enhance your cybersecurity strategy by providing comprehensive attack surface visibility an
GootLoader malware evolves with new versions, using SEO poisoning and disguised payloads to compromise systems.
Polyfill supply chain attack impacts 380,000+ hosts, including major companies. New domains and related attacks discovered.
Discover Zergeca, a new sophisticated botnet capable of DDoS attacks and more. Learn about its features, targets, and potential impact on cybersecurit
For databases that support transactions, there are different types of anomalies that can potentially occur: the higher the isolation level, the more classes of anomalies are eliminated (at a cost o…
Choosing the right software development platform gives a firm foundation for getting it right the first time.
If your company's API management solution is multi-gateway, event-native and AI-forward, then you will be ahead of the competition.
The rapid integration of Generative AI (GenAI) in the last few years has shifted the base toward new testing solutions.
Microsoft reveals critical security flaws in Rockwell Automation devices, allowing remote code execution and DoS attacks.
SRE practices are set to undergo significant transformations, driven by technological advancements and changing organizational needs.
Brazil bans Meta from using personal data for AI training, citing privacy concerns and risks to children. Meta has 5 days to comply or face fines.
Global law enforcement operation MORPHEUS dismantled nearly 600 cybercrime servers linked to Cobalt Strike attacks.
Twilio's Authy app suffers data breach exposing millions of phone numbers. Users urged to update app and stay vigilant against potential phishing.
I've been reading Alex Petrov's Database Internals to learn more about how databases are implemented. One of the topics covered in the book is a data structure known as the B-tree. Rela…
English | French | German | Italian | Spanish Last month, we shared that we are investing €7.8 billion in the AWS European Sovereign Cloud, a new independent cloud for Europe, which is set to launch by the end of 2025. We are building the AWS European Sovereign Cloud designed to offer public sector organizations […]
Serverless technologies not only minimize the time that builders spend managing infrastructure, they also help builders reduce the amount of application code they need to write. Replacing application code with fully managed cloud services improves both the operational characteristics and the maintainability of your applications thanks to a cleaner separation between business logic and application […]
Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring…
Outlining various debugging steps in troubleshooting GKE networking connectivity issues.
A survey of AppSec professionals finds nearly two-thirds work for organizations that have had their software supply chains compromised.
On-Call offers everything that a pager solution provides, allowing you to receive alerts on your phone, while it additionally supports functionalities that can be run on Datadog.
NordVPN not only hides your IP address/location and encrypts your traffic, but it also blocks trackers and ads.
Cybersecurity incidents in M&A deals require swift SEC reporting and robust risk management. Adopt a zero trust approach to mitigate cyber threats and ensure compliance.
Managing flaky tests is an ongoing iterative approach where you identify, understand and fix intermittent or unpredictable tests.
AI and ML revolutionize open-source intelligence, enhancing real-time analysis, multilingual processing, and predictive analytics for better decision-
Quantum computing represents a formidable challenge. Delve into the critical aspects of quantum readiness and its impact on digital security.
Discover how hackers exploit Microsoft MSHTML to deploy MerkSpy spyware, targeting users globally.
FakeBat loader malware spreads via drive-by attacks using SEO poisoning and fake software updates, delivering payloads like IcedID and Lumma.
Discover the 'Supposed Grasshopper' cyberattack campaign targeting Israeli entities using open-source frameworks and custom WordPress sites as deliver
South Korean ERP vendor targeted by hackers using Xctdoor malware. North Korean groups suspected.
During the modernization of mainframe applications, testing is the most important and time-consuming phase. AWS Mainframe Modernization Application Testing is an AWS cloud-native service generally available and designed to reduce testing time and cost at scale. In this blog post, we will describe the testing approach, its benefits and show an Application Testing walkthrough. Mainframe […]
AWS Trusted Advisor Priority helps you focus on the most important recommendations for optimizing your cloud deployments, improving resilience, and addressing security gaps. As an AWS Enterprise Support customer, you gain access to prioritized and context-driven recommendations, curated both by your AWS account team and machine-generated checks from AWS services. Note: AWS Trusted Advisor Priority […]
Load testing is an integral step in the quality assurance phase of a software development lifecycle, that offers you confidence about the performance of your workload before it is deployed to production. Once that workload moves to production, you monitor its health using synthetic monitoring. Load testing and synthetic monitoring typically test the same application […]
Our Sensitive Data Protection Discovery service now supports Cloud Storage, in addition to BigQuery, BigLake, and Cloud SQL. Here's how it can help you.
Welcome to the 26th edition of the AWS Serverless ICYMI (in case you missed it) quarterly recap. Every quarter, we share all the most recent product launches, feature enhancements, blog posts, webinars, live streams, and other interesting things that you might have missed! In case you missed our last ICYMI, check out what happened last […]
Another maintainer of an open-source software project has decided to no longer actively update an IP address parsing utilities used widely by JavaScript developers.
Member post by Anjali Udasi, Technical Writer, Zenduty and Shubham Srivastava, Developer Relations Engineer, Zenduty Joel Studler and Ashan Senevirathne took the stage at KubeCon + CloudNativeCon…
The Continuous Delivery Foundation reports that DevOps initiatives seem to be stalling out.
Traditional compliance methods are inadequate in the face of growing complexities, but AI is here to transform the landscape of compliance services.
Building DLTs by best open source practices will ensure their safety, said Dr. Leemon Baird and Andrew Aitken in this episode of The New Stack Makers.
A report published by Aqua Security finds that as many as 18% of secrets inadvertently exposed are not being discovered.
Clean architecture is a software design philosophy that prioritizes the separation of concerns within a software system.
Discover how the 'Indirector' attack threatens Intel CPUs and learn about the 'TIKTAG' vulnerability in Arm processors.
Ransomware payments soar by 500%, averaging $2 million in 2024. Learn why next-gen MFA is crucial.
99% of organizations that experienced cloud-related breaches blamed insecure identities. Read the report and improve your cloud security!
IBM has made available IBM Concert, leveraging generative artificial intelligence and knowledge graphs to surface in real-time dependencies.
China-linked hackers exploit Cisco switch flaw to deliver malware. Unpatched D-Link routers expose user accounts.
Meta's ad-free subscription faces EU scrutiny for breaching competition rules, risking hefty fines. Users demand real choices.
Australian man charged for creating fake Wi-Fi hotspots on flights to steal personal data. Learn how to protect yourself from 'evil twin' Wi-Fi attack
Many organizations have critical legacy Java applications that are increasingly difficult to maintain. Modernizing these applications is a necessary, daunting, and risky task that takes the focus off of creating new value or features. This includes undocumented code, outdated frameworks and libraries, security vulnerabilities, a lack of logging and error handling, and a lack of […]
Request for Information (RFI): CSA is looking for companies that are interested in partnering with CSA to develop new solutions that utilize Generative AI.
Cross-Cloud Network sets up private, dedicated connections between Google Cloud and Oracle Cloud Infrastructure (OCI).
CocoaPods patches critical vulnerabilities that exposed thousands of iOS and macOS apps to supply chain attacks.
AWS Summit New York is 10 days away, and I am very excited about the new announcements and more than 170 sessions. There will be A Night Out with AWS event after the summit for professionals from the media and entertainment, gaming, and sports industries who are existing Amazon Web Services (AWS) customers or have […]
Ambassador post by Taylor Thomas, CNCF Ambassador and Director of Engineering at Cosmonic WebAssembly (Wasm) components are here and already unlocking new computing patterns. Meanwhile…
Credentials, API tokens, and passkeys developers add to code can remain exposed for years even after they were assumed to be deleted, Aqua Security finds.
Discover how Transparent Tribe's latest Android malware campaign targets mobile users, and learn about new threats like Snowblind in Southeast Asia.
Conceptworld software installers trojanized with data-stealing malware. Users of Notezilla, RecentX, and Copywhiz urged to check for compromise.
Phishing attacks have evolved with cybercriminals now using QR codes to steal sensitive data. Learn how to protect against these sophisticated quishing attacks and tactics.
Fauna has added an ability to maintain strict enforcement of schema to its document-relational database using a declarative language.
Critical OpenSSH vulnerability allows remote code execution on Linux systems. Patch now to protect against potential attacks on millions of exposed se
Discover how to secure machine identities and reduce secrets sprawl with end-to-end secrets management solutions.
Converging IT and OT enhances efficiency, security, and innovation in digital transformation. Secure integration ensures data-driven decisions and robust operational performance.
Juniper Networks has released critical security updates for routers to fix an authentication bypass vulnerability. Apply patches now to secure your de
Most times, we only find what we're looking for. Attitude is a key factor in how we perceive the world. Most times, we only find what we're looking for. Attitude is a key factor in how we perceive the world.
A round up of five great DevOps opportunities for your perusal, including positions at Cisco Systems and Costco Wholesale.
Customers build, deploy, and maintain millions of web applications on AWS and many customers deploy these applications using the Apache web application server. Web application performance is a key metric in modern enterprise applications. On AWS customers leverage Amazon CloudWatch to monitor response times, uptime, and provide SLAs. Engineering teams that run large scale applications […]
This is a really thorny one. As individual subprocesses started infinitely looping, their system shifted load to other datacenters, masking the problem. A coinciding failure in the load shifting system made things even more interesting.
Although provisioning load balancers directly from clusters has been the Kubernetes native method for exposing services, in some cases this creates a provisioning process that doesn't align with the architecture of the applications. Therefore, there's a need to have another mechanism for it. For those use-cases, which we describe in this post, provides the functionality […]
Google Chrome to block Entrust certificates from November 2024 due to security concerns. Website operators urged to switch CAs to avoid disruption.
North Korean hackers deploy malicious Chrome extension TRANSLATEXT to steal data from South Korean academics studying North Korean affairs.
Google is helping to improve cybersecurity at rural and underserved hospitals. Here's how.
Member post originally published on Since its launch in June 2014, Kubernetes has revolutionized container orchestration, transforming how applications are managed and scaled. The Data on Kubernetes…
After the domain was bought by a Chinese company in February, it began putting malicious code into scripts distributed via its CDN.
The agency is urging developers to transition to memory-safe programming languages to reduce security flaws and make software safer.
GitLab releases security updates fixing 14 vulnerabilities, including critical CI/CD flaw CVE-2024-5655. Update now to ensure protection.
8220 Gang exploits Oracle WebLogic Server flaws using fileless execution techniques to drop XMRig miner payload.
In its purest form, site reliability engineering (SRE) is what you get when you treat operations like it is a software problem.
Explore the evolving landscape of SaaS security risks, threat actor tactics, and essential strategies for protecting enterprise data.
Ensuring AI safety, privacy, and bias prevention starts with robust data management. Implement ISO 42001's A.7 controls for secure, reliable, and responsible AI systems.
Researchers unveil SnailLoad, a new side-channel attack exploiting network latency to infer web activity remotely, achieving up to 98% accuracy in vid
Discover critical security flaws in Emerson gas chromatographs. Learn about vulnerabilities, potential risks, and urgent firmware updates for industri
Orca Security this week added the ability to scan source code stored in GitHub and GitLab repositories for vulnerabilities.
A company can improve its developer experience (DevEx) by tweaking its continuous integration and continuous delivery (CI/CD) process.
DevSecOps principles focus on automating information security processes and introducing security measures early in software development.
TeamViewer detects security breach, investigates with experts. No customer data impacted. Health-ISAC warns of APT29 exploitation.
Streamline virtual desktop management: provision non-persistent desktops, configure apps and resources, and automatically scale capacity based on demand, all from a centralized platform.
As machine learning models grow more advanced, they require extensive computing power to train efficiently. Many organizations are turning to GPU-accelerated Kubernetes clusters for both model training and online inference. However, properly monitoring GPU usage is critical for machine learning engineers and cluster administrators to understand model performance and to optimize infrastructure utilization. Without visibility […]
AWS Certificate Manager (ACM) is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Elastic Load Balancing (ELB), Amazon CloudFront, Amazon API Gateway, and other integrated AWS services. Starting August 2024, public certificates issued from ACM will terminate at the Starfield Services G2 (G2) root […]
Trace data from origin to insights with an intuitive visual graph, empowering engineers, analysts, and admins to validate provenance, troubleshoot pipelines, and ensure governance with ease.
Canonical's Long Term Support (LTS) Ubuntu releases provided users with 12 years of guaranteed security maintenance. Now the company is expanding the program for containerized open source apps — No distribution needed.
JFrog's solution will now enable building, deployment, management and monitoring of AI workflows to classic ML models, all on a unified platform.
Manage your code across popular git repositories with Amazon CodeCatalyst's new integration with GitLab.com and Bitbucket Cloud. Use blueprints and Amazon Q feature development.
Project post by the Vitess Maintainer Team We're delighted to announce the release of Vitess 20 along with version 2.13.0 of the Vitess Kubernetes Operator. Version 20 focuses on usability and…
With the introduction of trusted identity propagation, applications can now propagate a user's workforce identity from their identity provider (IdP) to applications running in Amazon Web Services (AWS) and to storage services backing those applications, such as Amazon Simple Storage Service (Amazon S3) or AWS Glue. Since access to applications and data can now be […]
P2PInfect botnet evolves to target Redis servers with ransomware and crypto miners, showcasing new financial motivations and advanced evasion techniqu
The AI_dev conference showcases an open model tool and Docker WebGPU support for developers, but PyTorch Rust integration is not on the agenda.
Utmost care should be taken to secure AI chatbots. A Synack vulnerability was discovered that allows full access to the database and filesystem.
Discover the hidden risks of AI in SaaS tools. Learn how AI training impacts data security and privacy. Essential insights for safeguarding your organ
Waltham, Massachusetts, 27th June 2024, CyberNewsWire
The 2024 Thales Cloud Security Study provides a comprehensive look at the current state of cloud security. Here are the key takeaways.
Learn how to build secure blockchain applications in Python with AlgoKit, the comprehensive toolkit for Algorand developers.
Discover how a critical flaw in Vanna.AI library exposes databases to remote code execution and the growing risks of AI prompt injection attacks.
Russian national indicted in U.S. for cyber attacks before Ukraine invasion. DOJ offers $10M reward.
Critical security flaw in Fortra FileCatalyst Workflow allows database tampering. Patch available.
London Stock Exchange Group (LSEG) has 30 PB of Tick History-PCAP data, which is ultra-high-quality global market data that is based on raw exchange data, timestamped to the nanosecond. An additional 60 TB is generated every day. LSEG sought to migrate their data from Wasabi cloud storage, LSEG was looking for a new solution to […]
This list is not exhaustive, but it covers the most common practices. These recommendations should not prevent you from trying different processes.
Some of my customers need assistance while operating their Amazon Elastic Compute Cloud (Amazon EC2) infrastructure. They need to: Review the disk usage of various volumes/ disks within an EC2 instance. To do it in a scalable way, one does not need to access the instance either through a Remote Desktop Session (RDP) or use […]
To help make CMEK configuration more efficient, we're introducing Cloud KMS Autokey, which automates CMEK key control operations.
Critical MOVEit Transfer flaw exploited in wild. Progress Software urges immediate patching. CISA reports separate intrusion on chemical security tool
With the integration of Embrace, Grafana Cloud now allows users to connect gather complete frontend telemetry data from mobile apps.
Datadog at its DASH 2024 conference added a bevy of tools and capabilities to streamline DevSecOps workflows, including Datadog On-Call.
Amazon SQS boosts performance, scaling capabilities, and energy efficiency without impacting existing behavior - a behind-the-scenes look at AWS's continuous improvement journey.
There will come a time when our online accounts live on well after we are gone, and our credit cards will be charged accordingly. There will come a time when our online accounts live on well after we are gone, and our credit cards will be charged accordingly.
Harmful risks of credential stuffing attacks can range from unauthorized access to your company's confidential data to identity theft, financial loss, and legal consequences. Learn how to protect yourself.
Explore how AI can exploit vulnerabilities and learn key takeaways for vulnerability management and remediation, emphasizing the need for rapid response and leveraging AI for security.
Explore key strategies to secure software supply chains effectively amidst rising cyber threats. Learn about SBOMs, SLSA, and DevSecOps best practices
Chinese and North Korean hackers target global infrastructure with ransomware, blurring lines between cybercrime and espionage.
Apple releases critical security updates for AirPods and visionOS, addressing Bluetooth vulnerabilities and potential exploits in spatial computing.
We do not know if cloud minimalism is the answer to cloud complexity, but it provides pathways to onboard and explore cloud computing.
Discover how the Caesar Cipher Skimmer targets e-commerce platforms, compromising credit card data. Learn to protect your website from this new threat
Discover how the updated Medusa Android banking trojan targets users in 7 countries, featuring new stealth capabilities and expanded reach.
McLean, United States of America, 26th June 2024, CyberNewsWire
A new level of assistant is emerging — as AI technology is embedded directly into development and testing tools.
An AI agent is a series of prompts that leverage AI to carry out a role within the engineering team, such as the business owner or tester.
Google blocks ads on sites using compromised Polyfill.io. Over 110,000 websites affected. Learn about the security risks and alternative solutions.
Microsoft is a Leader in this year's Gartner® Magic Quadrant for Data Science and Machine Learning Platforms. Learn more.
Anomalo can revamp your organization's data quality with ML-based monitoring, automated root cause analysis, and data pipeline support.
Understand the critical topic of AI deepfakes, why they're so concerning, and why IT professionals should be deeply invested in learning more.
The good news for organizations is that CodeOps combines AI and human ingenuity to minimize these risks while saving time and money.
To empower systems researchers, we recently released Thesios, a collection of synthesized Google I/O traces for storage servers and disks.
Resources to learn generative AI concepts and how to leverage it to enhance your operational efficiency as an SRE.
A key challenge for SaaS providers is designing secure, scalable tenant routing mechanisms to identify tenants and route requests to appropriate resources. Effective tenant routing ensures isolation, scalability, and security. This post explores strategies for routing HTTP requests in multi-tenant SaaS environments on AWS, including considerations, best practices, and example scenarios. For routing strategies at […]
Sapient.ai today launched a testing automation platform that makes use of AI and automatically creates unit tests as the apps are developed.
Member post originally published on the Logz.io blog by Jake O'Donnell It may sound complicated and daunting, but so much of observability is about discovering the unknown unknowns in your critical…
Cyber awareness training doesn't prevent people from making mistakes. Instead, focus on building a security program that considers human error.
Hollow Core Fiber is an innovative optical fiber that is set to optimize the Microsoft Azure global cloud infrastructure. Learn more.
If you are using tools with PaC, start building some policies, and if not, consider experimenting with those tools.
A survey of C-level executives and security experts finds 39% of respondents reporting they work for organizations currently using AI tools.
Overview GitHub Actions is a continuous integration and continuous deployment platform that enables the automation of build, test and deployment activities for your workload. GitHub Self-Hosted Runners provide a flexible and customizable option to run your GitHub Action pipelines. These runners allow you to run your builds on your own infrastructure, giving you control over the […]
JFrog today revealed it has acquired Qwak to add a machine learning operations platform to its portfolio of DevOps tools and platforms.
A cloud-native application protection platform (CNAPP) that integrates CIEM can level up your cloud security.
Broadcom today extended VCF to provide templates that make it simpler for DevOps teams to provide self-service catalogs to developers.
Discover GrimResource, a new cyber threat leveraging MSC files for stealthy code execution. Stay informed and protected against this evolving cybersec
Discover Boolka, a new cyberthreat using SQL injections and malicious scripts to steal data and deploy the BMANAGER trojan on vulnerable websites glob
Understand the SEC's updated guidance on disclosing cybersecurity incidents, including key requirements, materiality definitions, and the importance of transparency for public companies.
Discover how browser security enhances efficiency and cuts costs in cybersecurity with real-life CISO testimonials.
Julian Assange freed after 5 years, pleads guilty to classified info leak. WikiLeaks founder heads to Australia as 14-year legal battle ends.
WordPress plugins compromised to create rogue admin accounts. Users advised to check for suspicious activity and remove malicious code. Security alert
Four Vietnamese hackers indicted for $71M cybercrime spree. Phishing, supply chain attacks, and data theft targeted US companies over three years.
In today's rapidly evolving digital landscape, the cloud has become the backbone of innovation, scalability, and efficiency for businesses worldwide. As customers embark on their cloud migration journeys, whether the migration has been motivated by the intention of accelerating innovation, reducing operational and infrastructure costs, or exiting your on-prem datacenter, migrating to the cloud presents […]
Fetch provides a convenient and rewarding platform for consumers to earn points and redeem them for various goods and services, making it an attractive option for those looking to maximize the value of their everyday purchases. As of May 2024, the Fetch app ranked #25 in the Shopping category and has 4.8 stars out of […]
A survey of tech pros finds that while 80% of respondents say their org is ready to use AI tools, the enthusiasm for these tools is higher among C-level execs.
In January 2024, we introduced Migration Hub Journeys to guide and accelerate the migration and modernization of applications. Journeys help optimize planning, execution, and tracking through task-based templates with expert guidance, specialized tools, and cross-team collaboration, enabling you to migrate and modernize applications seamlessly. Today, we're excited to publish new migration journey templates for AWS […]
Assessing integration security risks across prospective SaaS vendors successfully has been critical in helping pinpoint the most secure vendors over time.
Introduction This post discusses Amazon Elastic Container Service (Amazon ECS) Service Connect, a capability that provides a secure and scalable way to connect different Amazon ECS service deployments. This enables seamless communication between micro-services while reducing the operational overhead. It provides features such as service discovery, load balancing, and network traffic metrics. This post primarily […]
Enhancements to GKE Cluster Autoscaler deliver improvements such as better deployment time and application response latency.
Originally published on the appCD blog by Asif Awan You've been working on a new application for your company. It is going to address business requirements needed to delight customers.
Google's Project Naptime empowers AI to autonomously uncover vulnerabilities, revolutionizing automated security assessments.
This week, I had the opportunity to try the new Anthropic Claude 3.5 Sonnet model in Amazon Bedrock just before it launched, and I was really impressed by its speed and accuracy! It was also the week of AWS Summit Japan; here's a nice picture of the busy AWS Community stage. Last week's launches With many […]
Critical security flaw (CVE-2024-37032) discovered in Ollama, an open-source AI platform, could lead to remote code execution.
Introduction When I take my car in for service for a simple oil change, the technician often reads off a litany of other services my car needs that I had put off since the previous service (and maybe the service before that, too). I tend to wait for the "check engine" light to come on […]
Explore the differences between CSPM and ASPM, and learn how to effectively leverage both to secure cloud infrastructure and applications, ensuring comprehensive risk management.
DevOps.com is providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted.
Does your team suffer from duplicate git Issues? How about competing or over-stuffed pull requests? A group of researchers have discovered all sorts of ways your dev team may be working with less-than-optimal efficiency.
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts.
Understand the evolution of cybersecurity, the role of the cloud in revolutionizing IT, and the challenges of dealing with third-party apps.
Chinese hackers target Taiwan and other countries in extensive cyber espionage campaign, exploiting vulnerabilities in internet-facing devices for int
Learn about Rafel RAT, an Android malware tool posing as popular apps. Explore its risks, impacts, and preventive measures for mobile security.
Lots of great tips in the comments if you're looking to tune your resume.
Wondering how to get started on this new-fangled Generative AI trend? For Linux folks, Red Hat's Podman Desktop "AI Lab" offers an easy onramp to AI experimentation.
ExCobalt targets Russian firms with GoRed backdoor. New cyber threat uses supply chain attacks and advanced tools for espionage across sectors.
In this blog post you'll learn how to use a new feature in AWS CodeDeploy to deploy your application one Availability Zone (AZ) at a time to help increase the operational resilience or your services through improved fault isolation. Introducing change to a system can be a time of risk. Even the most advanced CI/CD […]
Discover how AdsExhaust adware targets Meta Quest app users, manipulates browsers, and generates unauthorized revenue through sophisticated techniques
Introduction As a builder, AWS CloudFormation provides a reliable way for you to model, provision, and manage AWS and third-party resources by treating infrastructure as code. First-time and experienced users of CloudFormation can often encounter some challenges when it comes to development of templates and stacks. CloudFormation offers a vast library of over 1,250 resource […]
US Treasury sanctions 12 Kaspersky executives, citing cyber threats. Company and CEO unaffected. Follows Commerce Dept. ban on Kaspersky software.
The marriage of machine learning and DevOps practices has given birth to MLOps, a specialized field focused on automating the
Boost your network performance with expert tips on TCP & UDP bulk flows benchmarking.
Full visibility into hybrid infrastructures is crucial for supporting the secure development and deployment of modern applications.
DevSecOps has promise and pitfalls, and we need a path forward to achieve a balance between speed and security.
Member post originally published on the Mia-Platform blog by Giovanna Monti, Full Stack Developer, Mia-Platform Entering the world of a fast-paced tech company can feel like diving headfirst into a…
Chinese hackers target government agencies worldwide with SugarGh0st and SpiceRAT malware.
Discover how the PHANTOM#SPIKE phishing campaign targets Pakistan with military-themed emails, spreading malware via ZIP file attachments.
SmartBear this week extended its efforts to bring generative AI to its test automation portfolio to include test data and API contracts.
Introduction In this blog, you will learn how to choose the right project management methodology to accelerate cloud transformations. According to the Harvard Business Review, over 70% of digital transformations fail. One of the reasons is the lack of proper governance leading to poor cross-functional alignment. To avoid this common pitfall, organizations must choose a […]
CSA CEO Jim Reavis provides an overview of the SOC 2 and ISO 27001 frameworks and how they relate to the CSA STAR program.
Discover how a malvertising campaign tricks users with fake software downloads to spread the Oyster malware.
Discover the critical SolarWinds Serv-U vulnerability exploited by threat actors. Update now to secure sensitive files from unauthorized access.
Building on the foundation laid by DevSecOps, ASPM represents a leap forward in operationalizing these principles within the CI/CD process.
GenAI helps mainframe developers maintain consistency across the codebase, reducing the risk of introducing errors or vulnerabilities.
US bans Kaspersky software citing national security risks. Russian cybersecurity firm given 100 days to cease US operations.
AWS CodeArtifact now supports Rust packages, enabling secure storage and management of Rust crates within your organization's private repositories, mitigating legal and security risks from external package sources while ensuring efficient collaboration across teams.
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying…
Miami, United States, 20th June 2024, CyberNewsWire
Zhilong Wang is one of the first Kubestronauts in China. As a cloud-native technology expert, he has over 10 years of frontline experience in internet development and architecture…
As the clock ticks down, the imperative is clear: act now, secure your systems and ensure a smooth transition to a supported enterprise Linux operating system.
This powerful and cost-effective model outperforms on intelligence benchmarks, with remarkable capabilities in vision, writing, customer support, analytics, and coding to revolutionize your workflows.
Learn about your troubleshooting options when a Google Cloud load balancer has backends that are failing to pass health checks.
Member post originally published on the Devtron blog by Nishant As the adoption of Kubernetes continues to grow, organizations encounter numerous challenges in securing their software development and…
Explore AI resilience, robustness, and plasticity. Understand how incorporating diversity into AI systems can offer a more resilient framework.
Russian hackers target French diplomats in sophisticated cyber attacks. ANSSI warns of ongoing threats to diplomatic entities and IT firms.
Discover the critical UEFI firmware flaw affecting Intel processors. Learn how to secure your devices against potential cyber threats.
Dubai, UAE, 20th June 2024, CyberNewsWire
Explore crucial elements of the EU AI Act for AI compliance, focusing on transparency, privacy, risk management, and ethical principles to ensure responsible AI development and use.
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that 113 services are now certified as compliant with the Cloud Infrastructure Services Providers in Europe (CISPE) Data Protection Code of Conduct. This alignment with the CISPE requirements demonstrates our ongoing commitment to adhere to the heightened expectations for […]
Cary, United States, 20th June 2024, CyberNewsWire
Discover how MSPs in 2024 are coping with tool overload in cybersecurity. Explore integrated solutions like Guardz to streamline operations and boost
Newly hired CISOs, follow these 7 strategies to effectively achieve and maintain PCI DSS compliance, from assessing current compliance levels to establishing robust security and reporting structures.
Symantec uncovers a long-running Chinese cyber espionage campaign targeting Asian telecom operators since 2021, deploying custom malware and stealing
Fickle Stealer, a new Rust-based malware, and AZStealer, an open-source Python stealer, target sensitive data via multiple attack chains and exfiltrat
Discover SquidLoader, a new evasive malware spreading via phishing attacks in China. Learn its tactics and cybersecurity implications.
Certain organizations may experience unexpected or outlier cross-region data transfer charges and require time to identify which of their systems or workloads are initiating them. In such cases, it may be useful to temporarily block data transfers to within a particular region. This temporary restriction can prevent further unwanted charges and allows time for audit […]
Introduction Many customers use Amazon Elastic Container Service (ECS) for running their mission critical container-based applications on AWS. These customers are looking for safe deployment of application and infrastructure changes with minimal downtime, leveraging AWS CodeDeploy and AWS CloudFormation. AWS CloudFormation natively supports performing Blue/Green deployments on ECS using a CodeDeploy Blue/Green hook, but this […]
Kraken exchange falls victim to a $3 million crypto theft exploiting a zero-day flaw, with the researcher refusing to return the stolen funds.
Like a Russian doll, an IDP is a layer on top of an SSP that offers tools to streamline the entire software development lifecycle. The SSP is about functionality and automation for everyone involved.
Use Amazon SageMaker with MLflow to track experiments, compare runs, register candidate models, and transition models from experimentation to production.
Introduction The CloudFormation Linter, cfn-lint, is a powerful tool designed to enhance the development process of AWS CloudFormation templates. It serves as a static analysis tool that checks CloudFormation templates for potential errors and best practices, ensuring that your infrastructure as code adheres to AWS best practices and standards. With its comprehensive rule set and […]
Congratulations to CNCF's 2024 Term 1 (March – May) LFX Program mentees who have finished the program successfully! Following a three-month program working with 28 different Graduated, Incubating…
Discover how UNC3886 exploits Fortinet and VMware vulnerabilities in sophisticated cyber espionage campaigns. Learn about advanced persistence methods
Kahn had a communications perspective, Cerf came with a computing perspective, and together they worked on connecting diverse computing networks — up to 256 of them.
Both CoE and platform engineering aim to boost productivity and collaboration. Which is best for your shop?
Learn how to create a Helm chart with our easy-to-follow Helm Charts Tutorial. This guide covers structure, components,
Explore the dangers of Google Tag Manager misconfigurations with real-world examples. Learn how to safeguard your data and comply with privacy laws
Discover the latest cybersecurity threat targeting Chinese-speaking users with malicious VPN installers and AI-driven malware campaigns.
Discover how markopolo's Vortax scam targets cryptocurrency users with malware, posing serious cybersecurity threats across platforms
The rapid advancements in large language model (LLM) coding assistants have sparked debates about the future of coding.
The pace of digitization impacts on creativity, and burnout is a very present issue estimated to affect four in five software developers.
Discover critical vulnerabilities in Mailcow server software allowing remote code execution and XSS attacks.
Generative AI, powered by large language models (LLMs), introduces a transformative solution to the challenges of modern observability.
A survey shows while 60% work for organizations that update web applications weekly, 75% test their web applications monthly or less often.
OpenAI Whisper is a pre-trained model for automatic speech recognition (ASR) and speech translation. It has demonstrated strong ASR performance across various languages, including the ability to transcribe speech in multiple languages and translate them into English. The Whisper model is open-sourced under the Apache 2.0 license, making it accessible for developers to build useful […]
The new hierarchical namespace capabilities bring file system optimizations to Cloud Storage buckets.
How your business approaches this could determine whether it evolves with the next phases of AI or becomes a vestige locked in the past.
Discover how the EU's proposal to scan private messages for CSAM risks encryption and sparks a debate on privacy versus child safety.
Malware analysis. Summarization and search for SecOps. Faster patching. CISO Phil Venables looks at three promising AI use cases for cybersecurity.
Not sure where to get started when it comes to cloud native security and artificial intelligence? Look no further than CloudNativeSecurityCon North America 2024 in Seattle, which opens up with the co…
Ambassador post originally published on the Oras blog by Feynman Zhou The ORAS project maintainers are proud to announce ORAS CLI v1.2.0 and ORAS-go v2.5.0. These two releases are ready for production…
Introduction Monitoring the health and performance of your media services is critical to ensuring a seamless viewing experience for your customers. Amazon CloudWatch provides powerful monitoring capabilities for AWS resources. Setting up comprehensive dashboards can be a time-consuming process, especially for organizations managing with large number of resources across multiple regions. The Automatic CloudWatch Dashboard solution […]
At AWS, we consider reliability as a capability of services to withstand major disruptions within acceptable degradation parameters and to recover within an acceptable timeframe. Service reliability goes beyond traditional disciplines, such as availability and performance, to achieve its goal. Components of a system or application will eventually fail over time. Like our CTO Werner Vogels […]
Cybercriminals exploit free software lures and social engineering tactics to deploy Hijack Loader, Vidar Stealer, and other malware, targeting unsuspe
Learn how aligning terminology across security, risk, and compliance teams enhances operational efficiency, improves decision-making, and fortifies organizational resilience.
The latest version of the AWS HITRUST Shared Responsibility Matrix (SRM)—SRM version 1.4.3—is now available. To request a copy, choose SRM version 1.4.3 from the HITRUST website. SRM version 1.4.3 adds support for the HITRUST Common Security Framework (CSF) v11.3 assessments in addition to continued support for previous versions of HITRUST CSF assessments v9.1–v11.2. As […]
Explore key findings from a survey on SaaS security investment trends, challenges, and improvements across enterprises.
Uptycs uncovered an ongoing operation within the Log4j campaign that aims to deploy an XMRig cryptominer malware onto the targeted systems.
Let's figure out what AI does well, where it falls short, and whether DevOps professionals should fear it and start re-skilling today.
Researchers uncover a new malware campaign targeting exposed Docker API endpoints to deliver cryptocurrency miners and remote access tools.
VMware releases critical updates for Cloud Foundation, vCenter Server, and vSphere ESXi, fixing remote code execution and privilege escalation flaws.
Singapore Police extradite two men from Malaysia for alleged Android malware scam targeting citizens' bank accounts, resulting in financial losses.
By setting up a strategy and outlining product and IT requirements, developers need not take shortcuts and security risks.
When a culture is unable to understand the details of a situation all that's left is to create an illusion of simplicity. When a culture is unable to understand the details of a situation all that's left is to create an illusion of simplicity.
Customers who develop APIs can control access to them using Amazon Cognito user pools as an authorizer. Testing these APIs should take into account the additional security controls in place to effectively validate that the APIs are working, and Amazon CloudWatch Synthetics enables proactive testing of these APIs. If you are using Amazon Cognito User […]
As independent software vendors (ISVs) shift to a multi-tenant software-as-a-service (SaaS) model, they commonly adopt a shared infrastructure model to achieve cost and operational efficiency. The more ISVs move into a multi-tenant model, the more concern they may have about the potential for one tenant to access the resources of another tenant. SaaS systems include […]
Last week, my alma mater Standard Bank Group (SBG) hosted a Software Engineering Conference and invited me to be one of the keynote speakers. SBG has presence throughout Africa and this hybrid conference was attended by almost 2,000 engineers from across the continent. It was amazing to reconnect with long-time friends and former colleagues, and […]
Rising cloud costs have been a recurring theme in recent years. We saw enterprise cloud use skyrocket during 2020; in
The IPv6 Hybrid Connectivity portfolio now supports IPv6 BGP sessions, Partner Interconnect IPv6, and IPv6-only HA-VPN.
Generative AI apps have different network traffic patterns than other apps. New capabilities across the Google Cloud networking stack can help.
Two new Confidential Computing offerings have been designed to protect the privacy and confidentiality of AI/ML workloads. Here's how.
We are thrilled to welcome the latest cohort of CNCF Ambassadors! These passionate and dedicated individuals are recognized for their outstanding contributions to the cloud native community.
Member post originally published on the Buoyant blog by William Morgan Topology Aware Routing is a feature of Kubernetes that prevents cluster traffic within one availability zone from crossing to…
ASUS releases crucial updates for multiple router models to address critical authentication bypass and buffer overflow vulnerabilities. Users urged to
Conference leaders share their thoughts on the latest trends and challenges in cloud native security, and the sessions they are most looking forward to.
Examine the top ChatGPT jailbreak prompts that cybercriminals use to generate illicit content, including DAN, Translator Bot, AIM, and BISH.
When Amazon Web Services (AWS) launched Amazon Q Developer agent for code transformation as a preview last year to upgrade Java applications, we saw many organizations desire to significantly accelerate their Java upgrades. Previously, these upgrades were considered daunting, a time-consuming manual task requiring weeks if not months of effort and with Amazon Q Developer they […]
The Erawan Release of a DevSecOps platform provides a set of new and enhanced capabilities to help automate applications security along with integration with Backstage, an open-source internal developer platform originally developed by Spotify that is now being advanced under the auspices of the Cloud Native Computing Foundation (CNCF).
Sygnia reveals 3-year cyber espionage campaign by China-linked Velvet Ant group, exploiting F5 BIG-IP for persistence and deploying PlugX malware.
Discover the importance of DevSecOps in modern software development. Learn to integrate security seamlessly for safer applications.
Review five best practices for securing AWS resources to gain a better understanding of how to protect your cloud environments.
Platform engineering represents the evolution of DevOps into a more structured and service-oriented model.
Discover how compromised websites are exploited to distribute BadSpace, a dangerous Windows backdoor via fake browser updates
Check out our weekly spotlight on current DevOps job postings, including positions at Deutsche Bank and Prudential Financial.
Discover the latest threat of NiceRAT malware targeting South Korean users via cracked software.
In today's fast-paced technology landscape, ensuring optimal user experience and efficient resource utilization is crucial. Even minor performance bottlenecks can significantly impact user experience and business success. With the rising popularity of ARM architectures like AWS Graviton, benchmarking applications across different architectures is essential for making informed decisions. Comprehensive benchmarking helps evaluate the suitability and […]
Combining Write Ahead Log (WAL) with replication in a hybrid consistency model is recommended for resilient systems requiring fault tolerance.
Scattered Spider member arrested in Spain. Group evolves tactics, targets SaaS apps for data theft. FBI prepares charges against hackers tied to high-
Time to get down into the bits and bytes of how
Smishing Triad expands to Pakistan, while Google uncovers Brazilian threat actors PINEAPPLE, UNC5176, and FLUXROOT.
Pakistan-based UTA0137's cyber espionage campaign targeting Indian government with DISGOMOJI malware, exploiting DirtyPipe and Firefox scam.
Meta delays AI training on EU user data following regulatory intervention. Noyb files complaint in 11 European countries alleging GDPR violations.
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.
Broadcom's Mainframe Software Division is reshaping the traditional vendor-customer relationship by investing in modernizing the mainframe ecosystem and fostering a symbiotic partnership between both parties.
When managing a hybrid-cloud infrastructure, monitoring system health is essential for maintaining business continuity. Setting up comprehensive monitoring provides visibility into performance and availability of infrastructure components. By establishing alert thresholds and promptly responding to alarms, administrators can identify degraded performance or outages early. Quickly diagnosing and fixing the issues maximizes uptime. AWS Storage Gateway, […]
Learn how to configure an IAM Roles Anywhere solution that lets AWS Partner CRM Connector users authenticate with Salesforce using temporary AWS credentials, eliminating the need to hardcode them.
To plot a successful path to your company's future, you can't afford to throw it away or cede it to someone else to hold and control.
At issue is how the business model for VMware products recently changed from that of a perpetual license-driven company to a subscription company.
Amazon Elastic Kubernetes Service (Amazon EKS) offers a powerful, Kubernetes-certified service to build, secure, operate, and maintain Kubernetes clusters on Amazon Web Services (AWS). It integrates seamlessly with key AWS services such as Amazon CloudWatch, Amazon EC2 Auto Scaling, and AWS Identity and Access Management (IAM), enhancing the monitoring, scaling, and load balancing of containerized […]
Engaging effectively with application teams is key in scaling out your cloud migration initiative. Some application teams want minimal involvement in the migration process. Others view it as opportunity to enable their engineers and learn by doing. In this post, I discuss the pros and cons and suitability criteria of three engagement models. Deliver ("do-for" […]
Member post by Fredric Newberg, CTO and Co-Founder of Embrace OTel spans are very powerful for gaining an understanding of the performance of mobile applications. However, given the restriction placed…
Grafana Labs and Embrace, a provider of a platform for troubleshooting mobile applications, this week extended their alliance to include integration with Grafana Cloud.
Noyb files complaint against Google's Privacy Sandbox, alleging user tracking and GDPR violations.
Longtime Cloud Security Alliance partner Vishwas Manral shares how CSA is leading the conversation when it comes to cloud and AI security.
It has become clear that developers prefer GraphQL over REST APIs for web client interfaces to deliver and use content more effectively.
Discover expert strategies for securing petabyte-scale data in this exclusive webinar. Essential insights for CISOs and IT professionals
Discover how regulated industries are adopting military-grade cyber defenses to mitigate risks and uphold compliance in an era of escalating cyber thr
Adopting Zero Trust requires careful planning and execution. Here are a few steps to take to begin your Zero Trust implementation.
In many ways, the 10th anniversary of Kubernetes became a celebration of the community itself — of all the maintainers and contributors, the SIGs and developers advocates — and especially, all of the Kubernetes users around the world.
Discover critical vulnerabilities in ZKTeco biometric access systems, risking data theft and unauthorized access. Learn mitigation strategies now.
Explore how North Korean hackers are intensifying cyber attacks on Brazil's finance, aerospace, and defense sectors.
Mend.io this week added a MendAI tool to its application security portfolio that identifies code generated by an AI model.
Discover why Microsoft delays its AI-powered Recall feature for Copilot+ PCs due to privacy and security concerns.
Learn about best practices and components that define a great blueprint while exploring a fully working, serverless blueprint.
Two Google Cloud security tools can help mitigate the risks posed by the XZ Utils vulnerability. Here's how.
Learn more about systems engineering and how to get started with these key resources curated by Google's Site Reliability Engineering (SRE) team.
To save Compute Engine costs, you can fine-tune disk sizes, leverage committed use discounts, explore Cloud NAT, schedule instances, and use Spot VMs.
Learn more on how to approach and think about pricing throughout your cloud adoption journey with Azure.
Arid Viper launches mobile espionage campaign using trojanized Android apps to deliver AridSpy spyware, targeting Middle East users via fake messaging
Learn about Sleepy Pickle, a new threat exploiting machine learning models via pickle files. Protect your data now!
Learn how threat intelligence transforms security from reactive to proactive, with strategies for prioritizing efforts, strengthening defenses, and enhancing incident response.
Are your third-party SaaS risks under control? Discover the four-step process to secure your SaaS ecosystem.
Shreds.AI today unveiled a namesake generative artificial intelligence (AI) platform based on a large language model (LLM) it trained.
Bureaucratic resistance challenges Zero Trust adoption within government agencies. But the Identity and Access Management benefits are crucial.
Cisco Talos uncovers Operation Celestial Force, a long-running malware campaign by Pakistan-linked threat actors targeting Indian entities since 2018
SSLoad malware delivered by new PhantomLoader, evading detection. Offered as MaaS, it conducts reconnaissance and deploys payloads like Cobalt Strike.
Ukrainian Cyber Police arrest man for aiding Conti and LockBit ransomware groups, while U.S. takes down dark web drug markets.
Google warns of a Pixel Firmware security flaw (CVE-2024-32896) actively exploited as a zero-day. June 2024 update fixes 50 vulnerabilities.
Noodle RAT, a cross-platform backdoor used by Chinese hackers for espionage and cybercrime, targets Windows and Linux systems since 2016.
The success of Kubernetes would not have been possible without the emergence of Docker. That's a big takeaway from the 10th anniversary celebration at Google HQ.
Based on discussions with several SAP on AWS customers, we have discovered that the number of SAP administration or operational task requirements often exceed the capacity of the available team. Due to lack of time, resources, and heavy focus on operations, strategic initiatives like digital transformations often remain unaddressed. Although 1P and 3P automation solutions […]
Matt Butcher reflects on how things started, how Kubernetes marched to maturity, and how it displayed potential to expand into the WebAssembly movement.
Learn how Microsoft can help you and your team take advantage of an array of learning materials and interactive events that build your cloud expertise.
Using Generative AI assistants, instead of requiring a small army of software engineers, a smaller team will be able to manage applications.
The upcoming version of the Certificate of Cloud Security Knowledge has been revised to include new topics such as AI. Learn what's coming in CCSK v5.
Wiz researchers uncover an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency.
Customers are increasingly seeking tools and solutions that can help them achieve their desired outcomes more efficiently and effectively. In the context of cloud management, the need for self-service capabilities has become more pronounced as organizations strive to optimize their cloud resources, improve security, and enhance their overall cloud operations. AWS Service Catalog offers the […]
Explore the 2024 Verizon DBIR insights on vulnerability exploitation, rising attack vectors, and the critical need for faster remediation to enhance data security.
The Splunk data management tools allow IT organizations to preprocess via a single pipeline to provide a consistent level of visibility
Learn about the Ticketmaster-Snowflake breach, cybersecurity lessons, and how to safeguard data effectively.
Symantec uncovers Black Basta ransomware exploiting Windows flaw. Learn about Cardinal group's cyber threats via Microsoft products.
Discover how combining SASE and Zero Trust PAM strengthens enterprise security by providing comprehensive visibility, rigorous access controls, and compliance across digital environments.
Learn about WARMCOOKIE, a new Windows backdoor targeting job seekers in a sophisticated phishing campaign.
China-backed hackers exploit Fortinet flaw, breaching 20,000 systems globally. Dutch NCSC reveals state-sponsored cyber campaign.
Microsoft's June Patch Tuesday fixes 51 vulnerabilities, including critical flaws. Stay protected with the latest updates.
Google Cloud and Oracle Partner to accelerate cloud transformation with Oracle Database@Google Cloud.
Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows administrators. The software giant also responded to a torrent of negative feedback on a new…
We're excited to announce that our Europe (London) Region has renewed our accreditation for United Kingdom (UK) Police-Assured Secure Facilities (PASF) for Official-Sensitive data. Since 2017, the Amazon Web Services (AWS) Europe (London) Region has been assured under the PASF program. This demonstrates our continuous commitment to adhere to the heightened expectations of customers with […]
AWS is focusing most of its cybersecurity efforts on a new generation of cloud infrastructure that is inherently more secure.
For those reluctant to use open source Buildpacks, it's time to reconsider.
Amazon Web Services (AWS) provides tools that simplify automation and monitoring for compliance with security standards, such as the NIST SP 800-53 Rev. 5 Operational Best Practices. Organizations can set preventative and proactive controls to help ensure that noncompliant resources aren't deployed. Detective and responsive controls notify stakeholders of misconfigurations immediately and automate fixes, thus […]
Discover how Cynet's All-in-One Cybersecurity Platform revolutionizes MSP operations, maximizing efficiency, profit, and client protection.
Google was named a Leader in The Forrester Wave: Cybersecurity Incident Response Services Report for Q2 2024. Read more about the report.
New research reveals SecShow, a Chinese actor using DNS probes to measure responses from open resolvers.
Amazon Web Services (AWS) is designed to be the most secure place for customers to run their workloads. From day one, we pioneered secure by design and secure by default practices in the cloud. Today, we're taking another step to enhance our customers' options for strong authentication by launching support for FIDO2 passkeys as a […]
AWS Cloud WAN is a managed wide-area networking (WAN) service that you can use to build and operate wide area networks that connect your data centers and branch offices, as well as your Amazon Virtual Private Cloud (Amazon VPC) VPCs. You can use network policies to centrally configure and automate network management and security tasks, […]
Responsible AI compliance with AWS Audit Manager's "Generative AI Best Practices v2" framework for SageMaker.
New custom policy checks for critical resources, public access detection, and guided revocation to remove unused permissions - proactively securing AWS environments with tailored analysis and actionable insights.
Streamline compliance and security analysis using natural language query generation. Ask questions like "What errors occurred last month?" and get ready-to-run SQL queries tailored to your needs – no technical expertise required.
Amazon GuardDuty expands malware scanning to secure S3 uploads, enabling continuous monitoring and isolation of malicious files without infrastructure overhead.
Fortify your AWS account security with new passkey MFA and mandatory root user MFA. Experience seamless authentication while bolstering protection against unauthorized access.
Continuous Controls Monitoring has revolutionized GRC by streamlining audits, providing real-time assessment of an organization's security controls.
Discover the top 10 network vulnerabilities and actionable solutions from Vonahi Security's annual pentest report.
Learn how to assess AI risks with third-party vendors by focusing on cybersecurity, industry regulations, and company culture to ensure compliance and data protection.
Discover Apple's groundbreaking Private Cloud Compute system, enhancing cloud AI processing with top-tier security.
Cybersecurity researchers have identified an updated version of ValleyRAT with new commands for capturing screenshots, process filtering, and more.
Up to 165 Snowflake customers affected by data theft and extortion campaign.
Arm discloses a critical vulnerability (CVE-2024-4610) in Mali GPU Kernel Drivers. This flaw, actively exploited, affects versions from r34p0 to r40p0
The collaboration of a software testing solutions company with AI from IBM to help streamline the software testing process for developers.
Today, we're announcing that a new AWS Region will be coming to Taiwan by early 2025. The new AWS Asia Pacific (Taipei) Region will consist of three Availability Zones at launch, and will give AWS customers in Taiwan the ability to run workloads and store data that must remain in Taiwan. Each of the Availability […]
Organizations meet business and regulatory requirements by having visibility and control over backup environments. You want a streamlined solution to continuously monitor, detect, and track policy drifts across your backup deployments at scale. This need is driven by the growing complexity of AWS environments, the proliferation of data across diverse AWS services and regions, and […]
As Amazon CTO Werner Vogels said, "Encryption is the tool we have to make sure that nobody else has access to your data. Amazon Web Services (AWS) built encryption into nearly all of its 165 cloud services. Make use of it. Dance like nobody is watching. Encrypt like everyone is." Security is the top priority […]
It offers a cost-efficient way to handle a firehose of immutable log data plus reporting and analytics with index search on top of object storage.
The purpose of this blog is to provide guidance on how AWS License Manager can solve common license management challenges faced by organizations during Mergers & Acquisitions (M&A). In Deloitte's white paper "Making a 'poison pill" easier to swallow: How to manage M&A-related software licensing costs and compliance risks", Deloitte highlights three major obstacles faced […]
This proposal aims to introduce the physical plan conversion, validation, and fallback mechanisms from the Gluten project into Apache Spark.
To help mitigate the risks associated with excessive privileges and misuses of elevated access, we are excited to announce Google Cloud's built-in Privileged Access Manager.
Slurm-GCP v6 helps automate the installation, deployment, and running Slurm, simplifying HPC workload management on Google Cloud.
Securely deploying a network architecture that aligns with FedRAMP High? We've outlined several best practices. Here's how you can use them.
In the last AWS Weekly Roundup, Channy reminded us on how life has ups and downs. It's just how life is. But, that doesn't mean that we should do it alone. Farouq Mousa, AWS Community Builder, is fighting brain cancer and Allen Helton, AWS Serverless Hero, his daughter is fighting leukemia. If you have a […]
Mergers and acquisitions (M&As) offer organizations the opportunity to scale operations, diversify product lines, and capture new markets. However, they come with a set of challenges, such as the nuances of integrating legacy IT systems, complying with stringent regulations, and maintaining business continuity, etc. Eliminating the redundancy of resources and optimizing processes to bring consistency […]
A new phishing attack distributing More_eggs malware is targeting recruiters by posing as job applicants on LinkedIn.
Member post originally published on Fairwinds' blog by Dexter Garner There are many things you can monitor in Kubernetes but you need to understand what is mission-critical in terms of monitoring.
Torrance, United States / California, 10th June 2024, CyberNewsWire
Discover how to secure AWS S3 buckets by addressing common risks like unauthorized access and malware uploads, and learn best practices for permissions, encryption, and monitoring.
Attention Azure users! Microsoft warns of potential abuse of Azure Service Tags by malicious actors. Learn how to protect your cloud resources from un
Google takes down 1,320 YouTube channels and 1,177 Blogger blogs linked to Chinese influence operation. Find out more about the coordinated campaign t
Did you know CISSP holders need to earn 120 CPE credits every three years? Learn how these credits help keep your skills sharp and your certifications
Security Operations Centers are using AI to boost defenses. SOC analysts play a crucial role interpreting AI outputs and ensuring continuous improvement.
Highlighting some of the latest career opportunities in the world of DevOps, including available positions at Ascendion, Peraton and NVIDIA.
There will come a time when how AI works will be a an unknowable mystery that can be explained only by a belief in the existence of magic. There will come a time when how AI works will be a an unknowable mystery that can be explained only by a belief in the existence of magic.
New threat actor Sticky Werewolf is expanding its targets in Russia and Belarus, hitting sectors like pharmaceuticals and aviation.
Much of your project's commercial success hangs on its infrastructure. It is a powerful thing that can speed
Forward-looking technologies are generally cutting-edge and used by early adopters, offering some business value.
System administrators are responsible for service management on Linux devices. Here is what they need to know about configuration, startup options, security and more.
This article presents in incident theme that I've lived through many times but never had such a pithy name for.
New Critical PHP Vulnerability CVE-2024-4577 allows remote code execution on Windows.
Microsoft's AI-powered Recall feature sparked major privacy concerns. Now, it's becoming an opt-in.
Last night a very special event offered over three hours of insights and history about the world's second-largest open source
WarpStream, an AWS Partner, is a drop-in replacement for Apache Kafka. WarpStream's cloud-native architecture makes it as easy to deploy and manage as a stateless web server like NGINX. WarpStream clusters can scale up to handle multiple GiB-per-second workloads as quickly as compute resources are assigned and then scale back down to zero after the […]
On June 6, 2014, Joe Beda made the first commit to Kubernetes, and suddenly a movement was born. Kubernetes has changed the world over the last ten years. Happy 10th birthday Kubernetes!
Ransomware, DDoS, data breaches—attacks are on the rise. But there's hope. Basic cyber hygiene can make a difference.
Researchers have uncovered that the LightSpy spyware, previously thought to target iOS, has a macOS variant.
Ambassador post originally published on the Logz.io blog by Dotan Horovits Troubleshooting within Kubernetes environments can be a daunting task. If we could only have a magical artificial…
Member blog post by Abhishek Singh, Christos Kalkanis, Alexander Wert, and Bahubali Shetti of Elastic In March 2023, OpenTelemetry took a big step towards this goal by merging a profiling data model…
Khushboo Khatter is an IT professional with over 8 years of experience and 6 of those working with Kubernetes. She has a passion for cloud technologies and enjoys exploring cutting-edge CNCF tools.
Learn about the differences between ASPM, CSPM, and CNAPP security solutions and how to make informed application security decisions.
With the emergence of generative AI being incorporated into every aspect of how we utilize technology, a common question that customers are asking is how to properly audit generative AI services on AWS, such as Amazon Bedrock, Amazon Sagemaker, Amazon Q Developer, and Amazon Q Business. In this post, we will demonstrate common scenarios that […]
This blog breaks down the data sources that generate the most actionable notifications regarding high-profile employees' data.
Traditional SCA tools often miss critical vulnerabilities and create alert fatigue. Learn how to protect your software supply chain from emerging thre
The article highlights the growing concerns and regulatory challenges around the use of AI technologies by major tech companies.
A hardware security module (HSM) is a platform for performing cryptography functions. Here are important security controls for HSM as a Service.
Operators, administrators, developers, and many other personas leveraging AWS come across multiple common issues when it comes to troubleshooting in the AWS Console. To help alleviate this burden, AWS released Amazon Q. Amazon Q is AWS's generative AI-powered assistant that helps make your organizational data more accessible, write code, answer questions, generate content, solve problems, […]
AWS CodeBuild now supports managed self-hosted GitHub Action runners, allowing you to build powerful CI/CD capabilities right beside your code and quickly implement a build, test and deploy pipeline. Last year AWS announced that customers can define their GitHub Actions steps within any phase of a CodeBuild buildspec file but with a self-hosted runner, jobs […]
FBI has 7,000+ decryption keys for LockBit ransomware to help victims recover their data for free. If you're a victim, don't pay the ransom.
Ukrainian defense forces targeted by SPECTR malware in SickSync espionage campaign. Learn more about the tactics used by the Vermin group and how to p
Cybercriminals are exploiting vulnerabilities in Docker and ThinkPHP to deploy cryptominers and web shells.
CentOS 7's official end of life is June 30th. What should a DevOps team do? Consider your choices.
Siemens is a technology company focused on industry, infrastructure, transport, and healthcare. From resource-efficient factories, resilient supply chains, and smart buildings and grids, to cleaner and more comfortable transportation and advanced healthcare, the company creates technology with purpose, adding real value for its customers. Siemens technology is everywhere, supporting the critical infrastructure and vital industries […]
Map enterprise controls to AWS data sources effortlessly with predefined, pre-mapped controls based on auditor reviews. Automatically inherit improvements as Audit Manager updates.
Several Cisco platforms will gradually be integrated into one, including Cisco AppDynamics, the Cisco ThousandEyes networking monitor service and the Splunk platform.
Software sprints have become an article of faith in the technology world. In competitive industries that are driven by software,
Securely sharing large files and providing controlled access to private data are strategic imperatives for modern organizations. In an era of distributed workforces and expanding digital landscapes, enabling efficient collaboration and information exchange is crucial for driving innovation, accelerating decision-making, and delivering exceptional customer experiences. At the same time, the protection of sensitive data remains […]
During a recent visit to Microarch, Ben Titzer described Virgil as a language designed for building lightweight high-performance systems.
Part two of a series on platform engineering myths, covering how it's built, what it does, and what it doesn't do.
The new GKE Compliance makes maintaining compliance for your Kubernetes clusters is easier than ever before.
Introduction Galaxy is a scientific workflow, data integration, and digital preservation platform that aims to make computational biology accessible to research scientists that do not have computer programming or systems administration experience. Although it was initially developed for genomics research, it is largely domain agnostic and is now used as a general bioinformatics workflow management […]
As we celebrate the anniversary of the first Kubernetes commit, we're thrilled to announce the Kubernetes 10th Anniversary Logo Design Contest winner and unveil the winning design.
Guest post by Rajiv Thakkar, Director of Product Marketing, Portworx, Pure Storage (LinkedIn) Today, June 6, marks the 10th anniversary of Kubernetes. Kubernetes originally began as a project in…
Despite their critical role in data integration, Extract, Transform and Load processes are prone to challenges, especially during testing.
Kubernetes is the most popular container orchestration platform in the world right now, and its popularity doesn't seem to be waning
Making the Backslash application security platform even more secure with news of added support as well as a revamped, simpler user interface.
Muhstik DDoS botnet is exploiting a critical vulnerability (CVE-2023-33246) in Apache RocketMQ to infect servers.
In this recap of a recent fireside chat, hear from Chris DeRusha, Federal CISO at the OMB, about the OMB's 2022 Zero Trust Executive Order.
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts.
Companies often overlook the security risks that come with AI. This article introduces you to the concept of AI risk management.
Discover the importance of complex passwords and continuous monitoring to safeguard your organization.
Threat actors are now exploiting legitimate packer software to distribute malware. Learn how BoxedApp is being abused to target financial institutions
Starting Dec 1, 2024, Google Maps Timeline data will be stored locally on users' devices, boosting privacy.
Attention Python developers! A malicious package named "crytic-compilers" was found on PyPI, delivering the Lumma information stealer.
Meta created an internal toolkit to help improve the accuracy of AI predictions. Its engineers say it has a hefty set of features that makes a big difference.
The vibrant AWS community is made up of millions of builders worldwide. Within this global audience, there are technical enthusiasts who are going above and beyond to solve problems and generously share their learnings and best practices to empower others—the AWS Heroes. These inspirational leaders make significant contributions, and the AWS Heroes program is our […]
The add-on simplifies finding, understanding, and optimizing tests via a chat interface.
Member post originally published on the Palark blog by Dmitry Shurupov, editor-in-chief, Palark In the recent werf v2.0 release, the CI/CD solution has unveiled a new deployment engine called Nelm.
By Taylor Dolezal, Head of Ecosystem, CNCF The Cloud Native Computing Foundation (CNCF) is thrilled to announce our second cohort of the Zero to Merge program. This comprehensive four-week journey…
Unlock a transformative approach to managing container networking with Advanced Container Networking Services for your Azure Kubernetes Service clusters. Learn more.
BigQuery now integrates with Sensitive Data Protection with native SQL functions that allow interoperable deterministic encryption and decryption.
Learn how Aviator is bringing Google-level engineering productivity to developers with help from Google Cloud.
A recent incident involving Air Canada's AI chatbot serves as a reminder of the risks associated with relying solely on AI technology.
The Kubernetes Gateway API, an inherent Kubernetes component, offers a standardized approach for managing and configuring incoming traffic inside Kubernetes deployments.
When corporate governance is executed by edict, the only practical way for the lower echelons to disagree is to head for the nearest exit.
Chinese state-sponsored hackers target Southeast Asian government in complex cyber espionage campaign.
The hidden use of AI in SaaS apps is a growing concern! Over 8,500 apps embed AI, many leveraging user data without clear transparency.
Hear from Cybersecurity Architect Shruti Kulkarni about helping to produce CSA's Zero Trust research and thought leadership.
RansomHub emerges as a rebranded Knight ransomware, linked to recent high-profile attacks.
Critical updates released for NAS326 and NAS542 devices address severe vulnerabilities that could allow unauthenticated attackers to execute OS comman
A bug in TikTok allowed hackers to take control of high-profile accounts through a zero-click account takeover exploit.
Join us in Philadelphia, Pennsylvania, on June 10–12, 2024, for AWS re:Inforce, a security learning conference where you can enhance your skills and confidence in cloud security, compliance, identity, and privacy. As an attendee, you will have access to hundreds of technical and non-technical sessions, an Expo featuring Amazon Web Services (AWS) experts and AWS […]
Network automation is a rapidly evolving field, so it's important to balance developing strong fundamentals with keeping up with emerging technology trends.
Today, we released the CloudFront Hosting Toolkit, an open source command line interface (CLI) tool to help you deploy fast and secure front-ends in the cloud. Install the CloudFront Hosting Toolkit CLI through npm, run two commands, and CloudFront Hosting Toolkit CLI automatically creates the deployment pipeline and infrastructure needed to build, deploy, and serve your front-end […]
Russian organizations under sustained cyberattack! APT group HellHounds is using a new Windows variant of Decoy Dog malware to infiltrate critical inf
The Google Cloud NetApp Volumes fully managed file storage service has new enterprise data management capabilities.
Critical security flaw discovered in Progress Telerik Report Server (CVE-2024-4358, CVSS 9.8/10). Remote attackers could bypass authentication.
Understand the elements of the CSA STAR program and learn what's coming in the future, including genAI assurance and mappings with other standards.
Member post by Nigel Douglas, Senior Developer Advocate at Sysdig Kubernetes will celebrate its 10th anniversary at the "KuberTENes Birthday Bash" this week. This milestone is a perfect time to…
Today, we released the CloudFront Hosting Toolkit, an open source command line interface (CLI) tool to help you deploy fast and secure front-ends in the cloud. Install the CloudFront Hosting Toolkit CLI through npm, run two commands, and CloudFront Hosting Toolkit CLI automatically creates the deployment pipeline and infrastructure needed to build, deploy, and serve your front-end […]
Discover how AI transforms compliance management by automating error detection, routine tasks, and speeding up the process, helping organizations stay ahead in a fast-changing regulatory landscape.
Browser Isolation, once the gold standard for browser security, is no longer sufficient in today's SaaS-centric world. Learn about the limitations and
A limited number of Snowflake customers are being targeted using stolen credentials via infostealing malware.
A sophisticated malware campaign is deploying Cobalt Strike to seize control of compromised hosts in Ukraine.
Learn about the techniques, tools, and technologies to use for vendor fraud detection.
Notorious DarkGate malware has shifted to using AutoHotkey for its last stages, making detection even more challenging.
Google Sovereign Cloud's collaboration with customers, local sovereign partners, governments, and regulators has grown. Read on to learn how.
The U.S. cybersecurity agency has added Oracle WebLogic Server Vulnerability CVE-2017-3506 to its Known Exploited Vulnerabilities catalog.
Overview When operating complex, distributed systems in the cloud, quickly identifying the root cause of issues and resolving incidents can be a daunting task. Troubleshooting often involves sifting through metrics, logs, and traces from multiple AWS services, making it challenging to gain a comprehensive understanding of the problem. So how can you streamline this process […]
The Google Cloud - GitLab integration improves the developer experience by removing complexity from managing tools and helping them maintain âflow.â
Introduction Freddie Mac has a mission to provide a stable US housing Market. Freddie Mac identified the need for faster application delivery, scalable performance, increased resiliency, and cost optimization of their existing application portfolio. To achieve their mission goals, Freddie Mac undertook a migration from on-premises Kubernetes to Amazon Elastic Kubernetes Service (Amazon EKS). As […]
Member post originally published on SuperOrbital's blog by Keegan McCallum In the previous parts of this blog post series, we explored the fundamentals of using the NVIDIA Device Plugin to manage GPU…
The benefits of serverless architecture, including identity and access management, help reduce attack surfaces & secure cloud-native applications.
Life is not always happy, there are difficult times. However, we can share our joys and sufferings with those we work with. The AWS Community is no exception. Jeff Barr introduced two members of the AWS community who are dealing with health issues. Farouq Mousa is an AWS Community Builder and fighting brain cancer. Allen […]
A new suspicious package named "glup-debugger-log" has been discovered on the npm registry, designed to drop a RAT on compromised systems.
Law enforcement is seeking information on an individual named Odd, believed to be the mastermind behind the Emotet malware.
A malicious campaign used the blockchain-based Meson service to reap rewards ahead of the crypto token unlock. Learn what happened in the attack.
Discover how AI is transforming enterprise security and the associated risks in Cato's latest SASE Threat Report.
Unmanaged non-human identities (NHIs) pose a significant security risk since they often operate outside traditional IT security reviews.
Researchers discovered authorization bypass vulnerabilities in Cox modems that could have allowed hackers to access and control millions of devices.
North Korea-linked threat actor Andariel is using a new Golang-based backdoor called Dora RAT to target educational and manufacturing sectors in South
Are you open to work? Or perhaps just considering a change? Check out our weekly round-up of DevOps job opportunities.
Beware of fake browser updates! Cybercriminals are using this tactic to deliver dangerous malware like BitRAT and Lumma Stealer.
Just getting started with DevSecOps and need a primer for the tools and processes to employ? This should help.
We're thrilled that you want to contribute to improving the system in the wake of an incident! For each post-incident action that you are proposing, we would appreciate it if you would fill o…
Devops Weekly is going to take a break.
Written by a GitHub employee, this article seeks to answer the titular question, with discussions of noise reduction concerns and incidents that affect only a subset of customers.
Hugging Face detected unauthorized access to its Spaces platform. A subset of secrets might have been accessed without authorization.
AWS users who need to comply with the most stringent US government security and compliance requirements operate their workloads in AWS GovCloud (US), which is architected as a separate partition providing network and identity isolation. A common use case for AWS GovCloud (US) users is to operate in both AWS GovCloud (US) Regions and commercial AWS Regions, such as […]
Over 600,000 routers bricked in a massive cyber attack targeting a single U.S. ISP.
The concerns about data security and compliance compel certain customers to explore alternative ways of SaaS implementation.
Amazon Connect's analytics data lake centralizes customer data for powerful performance analysis without complex pipelines.
Using GKE golden signals, Generali identified annual savings of more than â¬260,000 per year, representing a 41% reduction in GKE spend.
Community post originally published on dev.to by Sunny Bhambhani There may be cases wherein we just need to update a Kubernetes configmap or any other Kubernetes object based on our requirements.
KCD post originally published on Linkedin by the Kubernetes Community Days UK – London team From https://www.cncf.io/kcds/ KCDs are community-organized events that gather adopters and technologists…
Ransomware attacks have become a prevalent threat, disrupting businesses and causing significant financial losses.
Amazon CodeCatalyst is a modern software development service that empowers teams to deliver software on AWS easily and quickly. Amazon CodeCatalyst provides one place where you can plan, code, and build, test, and deploy your container applications with continuous integration/continuous delivery (CI/CD) tools. CodeCatalyst recently announced the teams feature, which simplifies management of space and […]
Microsoft highlights the critical need to secure internet-exposed OT devices amidst rising cyber attacks.
With the addition of profiling to OpenTelemetry, we expect continuous production profiling to hit the mainstream.
Learn all about agile compliance and how continuous monitoring is revolutionizing risk management and governance.
This blog post is written by Brian Daugherty, Principal Solutions Architect. Enrico Liguori, Solution Architect, Networking. Sedji Gaouaou, Senior Solution Architect, Hybrid Cloud. Network traffic inspection on AWS Outposts rack is a crucial aspect of making sure of security and compliance within your on-premises environment. With network traffic inspection, you can gain visibility into the […]
The software testing and monitoring company SmartBear has introduced GenAI technology to tools, enhancing software development and testing.
Digital content sharing has exponentially increased cyber threat risks. Everfox's prevention-based approach is the future of cybersecurity.
Learn the essential steps for aligning your QMS with ISO 9001 clauses 4-10, covering context, leadership, planning, support, operation, performance evaluation, and improvement.
Russian GRU-backed threat actor APT28 is behind campaigns targeting networks across Europe with HeadLace malware and credential-harvesting web pages.
OpenAI has identified and cut off five covert operations from China, Iran, Israel, and Russia that abused AI tools to manipulate online discourse.
Catchpoint's value proposition is simple to understand. It monitors website and application performance beyond your own infrastructure to provide a "user's-eye view."
This can help DevSecOps teams identify open source software projects that are not being well maintained.
CVE-2024-1086, a high-severity flaw in the Linux kernel, is actively exploited, allowing attackers to gain root access.
Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort…
SOC 2 compliance for startups can be a massive undertaking. Submitting to the CSA STAR Registry demonstrates your path to SOC 2 certification and more.
AWS customers using Terraform as their IaC tool can now benefit from faster time-to-market by building cloud infrastructure with the latest AWS innovations that are typically available on the Terraform AWS CC Provider on the day of launch.
Cloudflare disrupts month-long phishing campaign by Russia-aligned FlyingYeti targeting Ukraine.
Cisco Talos uncovers a previously unknown cyber espionage group targeting organizations in the U.S., Europe, and Asia since 2021.
Mandiant founder and outgoing CEO Kevin Mandia shares the highlights from his keynote address at the RSA Conference earlier this month.
Google Cloud recently asked Coalfire to examine our current processes and measured alignment and maturity toward NIST and ISO objectives for AI development. Here's what they found.
The first five of ten ways to reduce Compute Engine costs, from optimizing your infrastructure to taking advantage of discounts.
Member post by DatenLord In the previous article, we started from why we need command deduplication mechanism, introduced the necessity of deduplication and some problems of the current deduplication…
RedTail malware strikes again! Now exploiting a critical Palo Alto Networks firewall vulnerability (CVE-2024-3400).
Researchers have discovered several vulnerabilities in popular WordPress plugins that allow attackers to create rogue admin accounts.
In this post, we'll show how you can use AWS Private Certificate Authority (AWS Private CA) to issue a wide range of X.509 certificates that are tailored for specific use cases. These use-case bound certificates have their intended purpose defined within the certificate components, such as the Key Usage and Extended Key usage extensions. We […]
Learn how to enhance your cybersecurity program with a robust cyber resilience strategy, ensuring your organization can quickly recover from breaches and adverse events.
Learn how AI-driven tools can revolutionize your Security Operations Center by automating alert triage and enhancing efficiency.
Europol takes down major malware loader operations in Operation Endgame. Over 100 servers dismantled and four arrests made.
Explore the critical role of visibility in applying the principle of least privilege, reducing risks from unused privileges, and achieving a zero trust environment.
U.S. Department of Justice dismantled a botnet consisting of 19 million infected devices.
Okta warns of a vulnerability in the cross-origin authentication feature of their Customer Identity Cloud (CIC).
The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest…
A data perimeter on Amazon Web Services (AWS) is a set of preventive controls you can use to help establish a boundary around your data in AWS Organizations. This boundary helps ensure that your data can be accessed only by trusted identities from within networks you expect and that the data cannot be transferred outside […]
Many users rely on Amazon Elastic Compute Cloud (Amazon EC2) instances and Amazon Elastic Block Store (Amazon EBS) volumes to run their business critical Microsoft Windows-based workloads on AWS. These critical applications often span across multiple EBS volumes attached to EC2 instances. To make sure of the integrity and recovery of such vital workloads, users […]
A new malicious Python package named "pytoileur" has been discovered in the Python Package Index (PyPI) repository.
Because node costs are generally the largest drivers of Kubernetes spending, a few percent in spending lost to node overhead can greatly impact the bottom line.
Streamline data access with trusted identity propagation: simplify sign-in, define fine-grained permissions, and audit using actual user identities across selected AWS analytics services.
We present five common myths about platform engineering - what it is and what it isn't - that we've heard when folks aren't considering the whole picture.
Amazon Web Services (AWS) is pleased to announce the successful renewal of the United Kingdom Cyber Essentials Plus certification. The Cyber Essentials Plus certificate is valid for one year until March 22, 2025. Cyber Essentials Plus is a UK Government–backed, industry-supported certification scheme intended to help organizations demonstrate controls against common cyber security threats. An […]
With numerous AWS accounts in an organization, receiving an external security finding like a vulnerability assessment or pen test report impacting multiple resources can be challenging. Without a centralized resource viewing and search capability, identifying the affected resources require switching and inspecting each account individually, which is time-consuming and inefficient. Security vulnerabilities are time-sensitive, and […]
Harness today revealed it has acquired Split Software to help extend the features management capabilities of its DevOps portfolio.
Check Point has discovered a zero-day vulnerability (CVE-2024-24919) in its Network Security gateway products, which has been exploited in the wild.
New banking trojan targets Brazilian institutions! AllaSenha, a custom variant of AllaKore RAT, is stealing credentials and leveraging Azure cloud for
VPNs are being heavily scrutinized. Software-Defined Perimeter is a cybersecurity model that's becoming the go-to solution for secure remote access.
The 2024 elections face unprecedented cyber threats and AI-driven disinformation. Learn about key risks, protection strategies, and the importance of robust security measures.
RSA Conference 2024 drew 650 speakers, 600 exhibitors, and thousands of security practitioners from across the globe to the Moscone Center in San Francisco, California from May 6 through 9. The keynote lineup was diverse, with 33 presentations featuring speakers ranging from WarGames actor Matthew Broderick, to public and private-sector luminaries such as Cybersecurity and Infrastructure Security […]
JFrog and GitHub today revealed a partnership through which they will work together to integrate their respective DevOps platforms.
Community post by Rob Williamson Microservice autoscaling and event-driven decoupling are both paths to help you deliver on the same purpose – maximum performance AND efficiency for applications.
eorgia man sentenced to 10 years for laundering $4.5M+ through BEC and romance scams.
With over 80,000 tech employees laid off in early 2024, effective offboarding is more challenging than ever.
Moonstone Sleet is a new North Korean threat actor targeting individuals and organizations in various sectors with ransomware and custom malware.
Cybersecurity risks necessitate cloud security assessment. Assessment mechanisms and principles must match the rapidly evolving threat ecosystem.
No matter what you call it, being out of work is a harrowing experience.
BreachForums is back! Just two weeks after a coordinated law enforcement takedown, the notorious cybercrime marketplace has resurfaced.
Unleash unparalleled power with U7i instances: up to 32 TiB DDR5 memory, 896 vCPUs, and unmatched performance for in-memory databases like SAP HANA, Oracle, and SQL Server.
The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers…
Toyota Connected North America, founded in 2016, focuses on developing and delivering advanced technology and data services for Toyota and Lexus vehicles. Toyota Connected's mission is to make mobility a more accessible, exciting, and human-centric experience for everyone. To this end, Toyota Connected uses data connectivity to serve more than 8 million retail customers, hundreds […]
Organizations of all sizes operate in a compliance landscape that is complex, dynamic, and evolving rapidly, facing internal requirements as well as industry or government regulations. A multicloud strategy creates additional challenges to maintain compliance policies across cloud providers. With AWS, you can implement compliance processes faster and more easily with automation, ready-to-use templates, and […]
Startup Userfront takes on the complexity of scaling customer accounts for SaaS companies as they grow.
In this article, we will explore what companies should consider when picking a modern iPaaS (Integration Platform as a Service) solution.
The new FQDN feature in Cloud Next Generation Firewall (NGFW) lets you specify the domain name in your firewall rule rather than IP addresses.
A deeper look at how the global front end solution improves the performance, protection, and scalability of their internet-facing web services.
This blog post is the first of a two-part series that will demonstrate the value of Amazon Security Lake and how you can use it and other resources to accelerate your incident response (IR) capabilities. Security Lake is a purpose-built data lake that centrally stores your security logs in a common, industry-standard format. In part […]
Learn how blockchain technology inherently supports digital trust across various industries.
As businesses transition to cloud-based infrastructure, establishing reliable connectivity between on-premises and cloud environments becomes a critical requirement. AWS Direct Connect provides a dedicated network link that extends a corporate data center network into the Amazon Web Services (AWS) Cloud. At the core of this connection is the Border Gateway Protocol (BGP), a dynamic routing […]
Community post by Antonio Berben, Principal Solutions Architect at Solo.io (Linkedin | GitHub) In a Testing In Production (TIP) scenario, a critical aspect is routing traffic based on runtime…
Cary, United States, 28th May 2024, CyberNewsWire
Indian national pleads guilty to stealing over $37M through fake Coinbase website.
As of March 31, 2024, PCI DSS 3.2.1 has been retired. Here are several key changes or new requirements that were added in PCI DSS v4.0.
A full conference pass is $1,099. Register today with the code flashsale150 to receive a limited time $150 discount, while supplies last. We're counting down to AWS re:Inforce, our annual cloud security event! We are thrilled to invite security enthusiasts and builders to join us in Philadelphia, PA, from June 10–12 for an immersive two-and-a-half-day […]
KCD post by Saim Safdar, CNCF Ambassador In August 2020, I embarked on a journey to establish Cloud Native Islamabad with a vision to cultivate local communities, foster knowledge sharing…
Not all technology assets are created equal. Identifying business-critical assets is essential for effective cybersecurity governance.
Application Security Posture Management (ASPM) enhances visibility and security across the software development lifecycle, ensuring robust compliance and streamlined DevSecOps.
CatDDoS botnet exploits 80+ vulnerabilities, targeting 300+ devices daily for DDoS attacks. DNSBomb, a new attack technique, achieves a 20,000x amplif
Unknown threat actors target WordPress sites using lesser-known code snippet plugins
A critical vulnerability (CVE-2024-5035) has been disclosed in the TP-Link Archer C5400X gaming router, allowing remote code execution.
Last week, Dr. Matt Wood, VP for AI Products at Amazon Web Services (AWS), delivered the keynote at the AWS Summit Los Angeles. Matt and guest speakers shared the latest advancements in generative artificial intelligence (generative AI), developer tooling, and foundational infrastructure, showcasing how they come together to change what's possible for builders. You can […]
With EMPs, enterprises could finally start realizing significant efficiency gains in virtualized data center operations.
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted.
Storm-0539 steals up to $100K/day from companies through sophisticated gift card fraud. Learn how to protect your organization from this growing thre
Deep session inspection offers unparalleled protection against phishing attacks. Learn how it works.
Cybercriminals are exploiting Cloudflare Workers to host phishing sites targeting major email providers.
Indian government, defense, and aerospace sectors targeted by Pakistan-nexus actor Transparent Tribe.
This post proposes a way to manage a fleet of EC2 instances using AWS Systems Manager (SSM) and with Ansible inventory.
The recent performance of the stock market brings to mind the comment of a noted economist who was once asked whether the market is a good leading indicator of general economic activity. Wonderful,…
Platform engineering, establishing a center of production excellence, measuring the DORA metrics and tools for generating tests and writing bash. Oh, and a job opportunity that I'm hiring for in my team at the moment.
A while back, the good folks at Google SRE posted an article titled Lessons Learned from Twenty Years of Site Reliability Engineering. There's some great stuff in here, but I wanted to pick o…
If your overall request volume is low, single errors can have a big impact on your metrics — a phenomenon I've experienced at work recently.
You're probably familiar with the 80-20 rule: when 80% of the X stems from only 20% of the Y. For example, 80% of your revenue comes from only 20% of your customer, or 80% of the logs that yo…
Researchers found a vulnerability in AI-as-a-service provider "Replicate" that could allow unauthorized access to proprietary AI models and sensitive
Logz.io's IQ Assistant, which purports to make the most of your software stack's records, actually makes sense.
The Cloud Foundry Korifi team heard many user requests for an app marketplace and more information about Buildpacks.
Mistral Small, an efficient large language model, joins Amazon Bedrock's lineup, excelling in low-latency tasks, multilingual support, and coding prowess while maintaining cost-effectiveness.
MITRE Corporation hit by a sophisticated cyber attack! Discover how the adversary created rogue VMs to maintain persistent access.
Our commitment to empower federal agencies with advanced technology reaches a significant milestone today with the addition of more than 100 new FedRAMP High authorized cloud services.
Learn how to explicitly define services for use in Cloud Monitoring's Services Overview dashboard.
Project post originally published on the Istio blog by Lin Sun, Solo.io, for the Istio Steering Committee On this day in 2017, Google and IBM announced the launch of the Istio service mesh.
KCD post originally published on Linkedin by Angel Ramirez, CEO at Cuemby | CNCF & OSPO Ambassador | Public Speaker | Cloud Computing and Kubestronaut As an ambassador for the Cloud Native Computing…
Explore the Six Pillars of DevSecOps by CSA, addressing security challenges through collaboration, automation, and compliance in the software development lifecycle.
Nutanix is expanding its cloud native support with AI by providing AI-driven solutions for operations built on Kubernetes.
Google Cloud shares details of an incident impacting one Australian customer's use of Google Cloud VMware Engine. Learn what happened and how we're preventing it from happening again.
Fake antivirus websites are stealing your data. Cybercriminals are using sites that mimic Avast, Bitdefender, and Malwarebytes to spread malware.
Cybersecurity attacks tend to increase in the fourth quarter (Q4) of the year, due to several reasons and notable trends.
Curious about ransomware tactics post-Qakbot? Join us to learn how new groups are taking over the cyber landscape
In the age of DevOps, CISOs must ensure security is integrated from the start. Discover strategies for effective collaboration with DevOps teams to pr
Growing cyber risks are forcing companies to be more proactive with information security. Continuous Threat Exposure Management (CTEM) can help.
Courtroom software compromised! Tampered installer for JAVS Viewer v8.3.7 has been caught distributing RustDoor backdoor.
Attention Chrome users! Google has released fixes for a high-severity security flaw (CVE-2024-5274) that has been actively exploited in the wild.
BLOODALCHEMY malware, an updated version of Deed RAT and successor to ShadowPad, targets government organizations in Southern and Southeastern Asia.
Container based Telco workloads use Multus CNI primarily for traffic or network segmentation. Amazon Elastic Kubernetes Service (Amazon EKS) supports Multus CNI enabling users to attach multiple network interfaces, apply advanced network configuration and segmentation to Kubernetes-based applications running on AWS. One of the many benefits of running applications on AWS is resource elasticity (scaling out and scaling […]
.NET Aspire is generally available as a free, open source, and cloud-agnostic platform for building cloud native applications with proven tooling.
Ransomware attacks on VMware ESXi follow a similar pattern, exploiting misconfigurations and vulnerabilities.
CISA has added a critical security flaw in Apache Flink to its Known Exploited Vulnerabilities catalog.
Misconfigurations in the AI tech stack lead to mismanaged data ingestion, inefficient model training, and inadequate security gaps. Addressing these challenges requires not repeating the mistakes from our cloud and Kubernetes experiences.
AlmaLinux is keeping its Linux community in the technology loop.
Two new agreements add solar energy to multiple electricity grid regions in Japan, as we make progress on our 24/7 carbon-free energy goal.
Yongkang is one of our first Kubestronauts and is based in Singapore and supports a company in the Asia Pacific. He's shifted his focus to cloud native technologies and is now fully certified on…
Project post originally published on the Istio blog by Lin Sun, Solo.io, for the Istio Steering and Technical Oversight Committees Today, Istio's revolutionary new ambient data plane mode has reached…
China-linked threat actor Sharp Panda, now known as Sharp Dragon, is expanding its cyber espionage operations to governmental organizations in Africa
AI-native application workloads bring new security challenges, such as LLM attacks and poisoning. Adopting Zero Trust security is crucial.
Chinese APT group targets government entities in the Middle East, Africa, and Asia in a large-scale cyber espionage campaign dubbed Operation Diplomat
4% of business-critical data lives inside SaaS apps. Are you protecting it? Learn the essentials of secure SaaS data backups.
Pentera's 2024 survey reveals critical gaps in cybersecurity practices, emphasizing the need for improved pentesting, risk management, and executive involvement.
Ivanti releases fixes for 10 critical security flaws in Endpoint Manager that could allow remote code execution.
Google is investing in the new Umoja fiber optic route between Africa and Australia, as well as training and collaboration programs.
Microsoft to deprecate VBScript in favor of JavaScript and PowerShell. The tech giant plans to phase out the scripting language.
Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and…
We sat down to have a chat with Fermyon co-founder and CEO Matt Butcher to have a chat about SpinKube, a new framework for integrating WebAssembly with Kubernetes.
Nutanix offers a way to significantly simplify and lower the threshold of Kubernetes adoption both from the user and management aspects.
Decoupled distribution delivers. That's the message emanating from the cloud-native community as enterprise technology vendors now seek to enable application mobility across clouds.
Web application security is an ongoing process. AWS WAF enables real-time monitoring and blocking of potentially harmful web requests. Bot Control and Fraud Control use machine learning (ML) to detect and prevent sophisticated threats. Bot traffic can make up anywhere from 30% to 50% or even more of total web traffic. After enabling AWS WAF, […]
Member blog post originally published on the Logz.io blog by Jake O'Donnell Observability isn't new. But organizations are struggling to adopt mature observability practices, and the impact on…
If you agree that leaders of open source businesses need to work together, share their experiences and support each other, you should join us at the inaugural Open Source Founders Summit.
In this blog post, we explore a scenario in which Goldman Sachs, wanted to transfer ownership of several of its key network components between teams in a controlled and seamless manner. Specifically, we take a deep dive on migrating traffic between Direct Connect gateways while maintaining end-to-end connectivity. As a multinational investment bank and financial […]
Review the 5 critical areas that enterprises often miss when it comes to cloud security â and how to properly address each one.
OpenTelemetry offers a standardized process for observability. It can be seen as three main components: standards, SDKs, and the collector.
Member post originally published on the Devtron blog by Prakarsh TL;DR: Learn the key difference between AWS Karpenter and Kubernetes Cluster Autoscaler and choose the right auto-scaling tool for your…
Unfading Sea Haze targets high-level organizations in South China Sea countries since 2018.
Torrance, United States / California, 22nd May 2024, CyberNewsWire
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that the Spring 2024 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The reports cover the 12-month period from April 1, 2023 to March 31, 2024, so that customers have […]
The EU AI Act sets crucial standards for AI governance, transparency, and privacy, impacting organizations globally and requiring comprehensive compliance strategies.
The new C4 provides top-tier performance for demanding applications, while N4's flexible configurations help improve price-performance.
Rockwell Automation urges customers to disconnect industrial control systems from the public internet due to heightened cyber threats
Understand the relevance of climate change in ISO 27001, 22301, and 42001. Determine how applicable these concerns are to your certification.
When words lose their meaning in order to attract popular attention, all that's left are slogans intended to shape the beliefs of others.
Discover how SaaS Security Posture Management (SSPM) can safeguard your organization against evolving threats.
Microsoft this week added a bevy of tools to its portfolio that infuses generative artificial intelligence (AI) into DevOps workflows.
New cryptojacking campaign REF4578 discovered. Hackers use vulnerable drivers to disable security solutions and install XMRig miner.
An unknown threat actor is exploiting Microsoft Exchange Server flaws to deploy keylogger malware.
Zoom has rolled out post-quantum end-to-end encryption (E2EE) for Zoom Meetings.
QNAP releases fixes for medium-severity flaws in QTS and QuTS hero NAS appliances.
Veeam has disclosed four vulnerabilities in its Backup Enterprise Manager, including a critical security flaw (CVE-2024-29849).
You might have security or compliance standards that prevent a database user from changing their own credentials and from having multiple users with identical permissions. AWS Secrets Manager offers two rotation strategies for secrets that contain Amazon Relational Database Service (Amazon RDS) credentials: single-user and alternating-user. In the preceding scenario, neither single-user rotation nor alternating-user rotation would […]
The AWS World IPv6 Day Celebration is a free in-person event. Join us for technical presentations from AWS experts plus a workshop and whiteboarding session. You will learn how to get started with IPv6 and hear from customers who have started on the journey of IPv6 adoption. Be ready to ask AWS experts questions on […]
Independent Service Vendor (ISV) users often offer their end-user solutions hosted on a multi-tenant architecture to reduce cost and operational management. However, this approach can lead Kubernetes clusters to resource exhaustion or network starvation issues that impact neighboring workloads. By default, Kubernetes provides capabilities to enforce resource availability such as CPU and memory to prevent […]
Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available…
Connection tracking (conntrack) is a networking concept where a networking device, like a firewall, router, or NAT device, needs to track and maintain information about the state of IP traffic going through it. The AWS Nitro System that underlies AWS networking does connection tracking for some types of network traffic to implement the stateful nature […]
Continuous monitoring aims to help companies identify problems early enough for a DevOps team to address them before bad things happen.
How do you harden your Kubernetes clusters, enhance incident response capabilities, and implement defense-in-depth measures? Find out here.
Not sure how bug your array should be? Try slices for dynamic sizing of arrays. Here is how to create the dynamically-sized arrays you need.
A critical vulnerability (CVE-2024-4985) has been discovered in GitHub Enterprise Server, allowing attackers to bypass authentication.
IT admins get a generative AI service to help them manage Azure cloud and edge. Will this AI companion make you an instant Azure expert?
Read Azure AI infrastructure announcements from Build, including a preview of Azure VMs built to run on Cobalt 100 processors and Copilot in Azure.
Many AWS customers modernizing their applications into modular services to speed up the development process and improve their ability to scale out individual services as part of the architecture. This includes services developed by the customer and SaaS applications developed by partners. Communication between services requires network connectivity across the Amazon Web Services (AWS) environment. […]
Community post by Gabriel L. Manor, Director of DevRel at Permit.io Domain-specific declarative languages have been a huge part of software development since its early days. Created to tackle the…
CLOUD#REVERSER campaign is using Google Drive and Dropbox to stage malicious payloads.
AWS Network Firewall is a managed, stateful network firewall and intrusion protection service that allows you to implement firewalls rules for fine grained control over your network traffic. If you're new to AWS Network Firewall, and want to understand its features and use cases, we recommend you review the blog post AWS Network Firewall – […]
SolarMarker malware evolves with a multi-tiered infrastructure, making it harder for law enforcement to take down.
Discover the critical tasks that occupy SOC analysts' schedules beyond mere inbox management, and discover insights into optimizing efficiency in cybersecurity operations.
New York, NY, May 21st, 2024, CyberNewsWireMemcyco Inc., provider of digital trust technology designed to protect companies and their customers from
Guiding Principles For The People, Processes, and Tools Needed To Build More Secure Modern Applications At High Speed
Discover how Wazuh's FIM capability ensures real-time monitoring and unauthorized change detection to protect your organization's data integrity.
Explore the impact of the BlackCat/ALPHV ransomware attack on Change Healthcare and learn essential cybersecurity strategies for the medical sector.
Researchers uncover critical security flaws in two widely used software packages, llama_cpp_python for AI models and PDF.js used by the Firefox.
Microsoft has announced several new security features to strengthen Windows 11, including deprecating the NT LAN Manager (NTLM).
CISA has flagged a critical security flaw in NextGen Healthcare Mirth Connect, linked to remote code execution.
Critical security flaw discovered in Fluent Bit could lead to DoS, information disclosure, or even remote code execution.
The OpenSSF Siren is a fresh, new take on ye old security mailing list.
Amazon Q, is a new generative artificial intelligence- (AI)-powered assistant designed for work that can be tailored to your business. You can use Amazon Q to have conversations, solve problems, generate content, gain insights, and take action by connecting to your company's information repositories, code, data, and enterprise systems. Amazon Q provides immediate, relevant information […]
Introduction In this post, we explore the approach of integrating mainframe IBM MQ with Amazon Managed Streaming for Apache Kafka (Amazon MSK), to migrate your applications into a cloud-based consumer model. Amazon MSK is a fully managed Apache Kafka service from AWS that makes it simpler to set up and operate Kafka in the cloud. […]
Amazon Web Services (AWS) successfully completed a special onboarding audit with no findings for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, and Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. Ernst and Young CertifyPoint auditors conducted the audit and reissued the certificates on May 16, 2024. The objective of the audit […]
DevOps is about breaking down silos, fostering collaboration, and promoting a culture of shared ownership and accountability.
Iranian threat actor Void Manticore (Storm-0842) has been identified as the culprit behind destructive wiping attacks targeting Albania and Israel.
Explore different methods of automation and effortlessly copying Artifact Registry images across projects and organizations.
This architecture lets you reuse an address space by using Private Service Connect to hide GKE Cluster ranges and connecting them with a multi-nic VM.
AWS Summit season is in full swing around the world, with last week's events in Bengaluru, Berlin, and Seoul, where my blog colleague Channy delivered one of the keynotes. Last week's launches Here are some launches that got my attention: Amazon S3 will no longer charge for several HTTP error codes – A customer reported […]
Manual compliance data gathering can hinder an organization's operational efficiency and compliance posture. Automated compliance solutions can help.
In this post, we discuss how to architect Zero Trust based remote connectivity to your applications hosted within Amazon Web Services (AWS). Specifically, we show you how to integrate AWS Verified Access with Jamf as a device trust provider. This post is an extension of our previous post explaining how to integrate AWS Verified Access […]
Community post by Kirill Kononovich, Dmitry Shurupov, Timur Tukaev The Cloud Native Glossary is a project led by the CNCF Business Value Subcommittee. Its goal is to explain cloud native concepts in…
Learn how syscall evasion with bash shell builtins is used to work around security tool detection and how to combat such efforts.
Looking for a new job? DevOps.com provides a weekly DevOps jobs report through which opportunities for DevOps professionals are highlighted
Multiple threat actors are exploiting a design flaw inFoxit PDF software to deliver various malware.
Modern vulnerabilities often stem from open-source. GitGuardian's SCA scans for CVEs before code commits, ensuring secure, dependable software.
Securing custom applications in a sea of vulnerabilities is daunting. Here are two effective strategies for identifying vulnerabilities.
Is the MACH architecture for web development simply "Jamstack for the enterprise", or is there more to it? We survey several MACH experts.
A multi-faceted campaign is targeting Android, macOS, and Windows users with various stealer malware and banking trojans.
Researchers have observed a surge in email phishing campaigns delivering Latrodectus, a new malware loader believed to be the successor to IcedID.
Amazon Q, is a new generative artificial intelligence- (AI)-powered assistant designed for work that can be tailored to your business. You can use Amazon Q to have conversations, solve problems, generate content, gain insights, and take action by connecting to your company's information repositories, code, data, and enterprise systems. Amazon Q provides immediate, relevant information […]
By embedding security practices at every stage of the IoT development lifecycle, organizations can significantly enhance the security and integrity of their IoT ecosystems.
The recent rise of generative artificial intelligence (generative AI) solutions presents challenges to migrations that are in flight and to migrations that are just beginning. The business problem is that generative AI complicates cloud migrations by introducing additional risks related to data isolation, data sharing, and service costs. For example, the US Space Force has […]
The Debian Linux distro makes for a great LAMP server, the software stack that has powered internet websites for decades.
Two Chinese nationals arrested in the U.S. for allegedly orchestrating a massive pig butchering scam that laundered $73 million from victims.
This week we have posts on APIs, behind the scenes of a large production infrastructure, speeding up monorepo builds and tools for managing feature flags and a new programming language for large scale data processing.
Grandoreiro banking trojan is back, targeting 1,500+ banks in 60+ countries. It now uses infected Outlook to spread phishing emails.
Great practical advice for how to present reliability problems (and your proposed solutions) to e-staff.
Learn about some common approaches for collecting data from multiple AWS services across your organization, including common patterns with code samples that you can reuse to consume the data.
Amazon Web Services (AWS) offers a streamlined solution for you to monitor internet traffic to your CloudFront distribution with simple integration for Amazon CloudWatch Internet Monitor in the Amazon CloudFront console. Ensuring optimal performance and availability is paramount for internet applications. With this integration, you can easily gain more insights into internet health and your users' experience for an application that you've set up with a CloudFront distribution.
If you want to know what's changing in DevOps – as opposed to which conversations are most hype-worthy – these are the places to look.
Rafay's newly added support for GPU workloads helps enterprises and managed service providers power a new GPU-as-a-service experience for internal developers and customers.
Kinsing cryptojacking group evolves again, targeting new vulnerabilities to expand its botnet.
You might have heard of TLA+, but how do you use it for debugging? FizzBee is a new formal methods system that you can grasp in just a weekend.
This post is co-authored with Andy Suarez and Kevin Breton (from KnowBe4). For any successful growing organization, there comes a point when the technical architecture struggles to meet the demands of an expanding and interconnected business environment. The increasing complexity and technical debt in legacy systems create pain points that constrain innovation. To overcome these […]
To provide built-in and centralized visibility into your applications, we are introducing software supply chain security insights for GKE workloads in the GKE Security Posture dashboard.
GitLab this week revealed that, in the coming months, it will add an enterprise edition of its AI add-on for its namesake CI/CD platform.
Almost half of 500 software engineering leaders and practitioners report they can't release code to production without risking failures,
Customers often look for options to capture and centralized storage of application logs from Amazon Elastic Kubernetes Service on Fargate (Amazon EKS on Fargate) Pods to investigate root causes or analyze security incidents. Customers also like the capability to easily query the logs to assist with security investigations. In this blog post, we show you […]
iMessage has been updated with cryptography to secure against quantum computers. Understand what this means for privacy and confidentiality.
Some organizations have requirements to manage their own data encryption keys, both in general and during data transfer processes. In addition, when considering data transfer solutions (not just for encrypted data), organizations must think about factors such as preventing unauthorized access during transfer and storage, transfer efficiency, data integrity, and monitoring mechanisms to make sure […]
Project post originally published on Flux' blog by Stefan Prodan We are thrilled to announce the release of Flux v2.3.0! In this post, we will highlight some of the new features and improvements…
Community post originally published on TAG App Delivery's blog by Atulpriya Sharma Exactly a month ago, Kubernetes users and experts gathered in the City of Lights, Paris, for KubeCon's Europe edition.
Unauthorized access compromises sensitive information and disrupts operations. Here are some strategies to prevent it.
Identity misconfigurations account for 80% of security exposures! Learn how to prioritize and protect your critical assets.
China-linked BlackTech hacking group targets Asia-Pacific with advanced Deuterbear RAT in 2023. Learn about the malware's unique capabilities and how
Many vendors tout automated cloud remediation as the silver bullet for security challenges. This article separates the hype from reality.
North Korean APT group Kimsuky deploys Linux version of GoBear backdoor, targeting South Korean organizations.
CISA has added two actively exploited vulnerabilities to its catalog. Make sure to apply vendor-provided mitigations by June 6, 2024, to stay safe.
Containers have become the dominant method for deploying and managing applications in recent years. Their widespread adoption is attributed to numerous advantages, such as isolation, efficient hardware use, scalability, and portability. In situations where resource isolation is critical for system security, many users are forced to rely on virtual machines (VMs) to mitigate the impact […]
Mobileye (Nasdaq: MBLY), a global leader in advanced driver-assistance systems (ADAS), is at the forefront of the autonomous driving revolution. Founded in 1999, they have pioneered groundbreaking technologies such as REM crowdsourced mapping, True-Redundancy sensing, and Responsibility-Sensitive Safety (RSS). These innovations are paving the way for a future filled with self-driving vehicles and advanced mobility […]
Applications produce log files that should be reliably stored for ad-hoc reporting, compliance, or auditing purposes. Over time, these collections of relatively small log files grow in volume and cost-effective storage and data management becomes crucial. Accessing the data in these files and querying them can also be useful for getting insight from the data. […]
Join us in Philadelphia, Pennsylvania on June 10–12, 2024 for AWS re:Inforce, a security learning conference where you can gain skills and confidence in cloud security, compliance, identity, and privacy. As an attendee, you have access to hundreds of technical and non-technical sessions, an Expo featuring Amazon Web Services (AWS) experts and AWS Security Competency […]
Observability, AI and automation can help organizations achieve proactive IT management and eschew traditional monitoring.
In today's digital ecosystem, maintaining an uninterrupted online presence and resilience is essential for businesses. WordPress platforms, whether e-commerce sites or news portals, must not only meet but exceed stringent Service Level Agreements (SLA's) to maintain user trust, ensure continuity, and protect revenue. These SLAs, defining Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), […]
As cloud computing continues to evolve, businesses must adapt to harness the full potential of these developments.
From AI hype to why CISOs matter to the value of nation-state threat intel, CISO Phil Venables revisits his fireside chat with Mandiant CEO Kevin Mandia.
Users in industries such as financial services and healthcare regularly exchange files with their external business partners containing sensitive and regulated datasets, such as Personal Identifiable Information (PII) and financial records. These file transfers often happen over the Secure File Transfer Protocol (SFTP) and encrypting files using Pretty Good Privacy (PGP) before transfer is often […]
When an identity provider (IdP) serves multiple service providers (SPs), IdP-initiated single sign-on provides a consistent sign-in experience that allows users to start the authentication process from one centralized portal or dashboard. It helps administrators have more control over the authentication process and simplifies the management. However, when you support IdP-initiated authentication, the SP (Amazon […]
The circuit breaker pattern is a powerful tool for helping to ensure the resiliency and stability of serverless applications. Lambda extensions are a good fit for its implementation, as demonstrated in this example.
New Wi-Fi vulnerability discovered! CVE-2023-52424, dubbed "SSID Confusion attack," affects all operating systems and Wi-Fi clients.
Today is Global Accessibility Awareness Day (GAAD); a day of awareness intended to draw attention to accessibility and inclusion for people with disabilities around the world. It is a perfect time to reflect on the importance of accessibility in the cloud. At Amazon Web Services (AWS), our guiding principle of customer obsession extends to our […]
Kimsuky hackers launch new social engineering attack using fake Facebook accounts. Learn how they target activists via Messenger and deliver malware.
Understand the need for proper non-human identity governance to ensure the privacy and integrity of data used in RAG AI applications.
Valence Security's 2024 SaaS Report shows a gap between security leaders' confidence in their processes and the complexity of SaaS security risks.
Nearly a dozen security flaws have been discovered in the GE HealthCare Vivid Ultrasound product family.
Google fixes critical zero-day vulnerability in Chrome. CVE-2024-4947, a type confusion bug in the V8 JavaScript engine, has been actively exploited b
Beware of Storm-1811! This financially motivated group is abusing Microsoft's Quick Assist tool in social engineering attacks.
In today's digital ecosystem, maintaining an uninterrupted online presence and resilience is essential for businesses. WordPress platforms, whether e-commerce sites or news portals, must not only meet but exceed stringent Service Level Agreements (SLA's) to maintain user trust, ensure continuity, and protect revenue. These SLAs, defining Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), […]
We are delighted to announce the release of the Mergers and Acquisitions (M&A) Lens. The M&A Lens consists of a Mergers and Acquisitions Lens whitepaper and an AWS-created lens available in the new Lens Catalog of the AWS Well-Architected Tool (AWS WA Tool). The AWS Well-Architected Framework provides a consistent approach to evaluate architectures and […]
Starting June 16, exposed service account keys that have been detected in services including public repos will be automatically disabled by default for new and existing customers.
Learn about three different ways you can complete ACE mappings using AWS Partner CRM Connector Version 2.0.
We are excited to announce support for Grafana version 10.4 in Amazon Managed Grafana. You can now run Grafana version 10.4 on a secure, scalable, highly available, and fully managed service. This update gives you access to key features introduced in the open-source Grafana versions 9.5 to 10.4, including Correlations, Subfolders, Transformations redesign, and new visualization panels. It […]
BreachForums, a notorious online bazaar for stolen data, has been seized by law enforcement agencies for the second time in a year.
Android 15 introduces new features to prevent malicious apps from capturing your sensitive data. Find out more about these crucial updates:
Google just unveiled new "private space" feature lets you keep your sensitive apps hidden and locked with a separate PIN.
David Eastman looks back on the "cloud native" family tree — including his experience of container management, orchestration and scaling.
We're excited to share that Gartner has recognized Google as a Visionary in the 2024 Gartner® Magic Quadrant⢠for SIEM, our first time participating.
Learn key strategies to secure cloud environments effectively using CSA's Security Guidance, with a focus on compliance, IR, and IAM.
Grafana capabilities will be extended to accommodate applications such as storage, multiple API management and extending its observability capabilities to offer event-driven functionalities, Kubernetes management and other capabilities.
Unlike many tools for building generative AI apps, the Podman AI Lab was built specifically for developers, rather than data scientists.
Two new backdoors, LunarWeb and LunarMail, have targeted a European ministry of foreign affairs and its diplomatic missions in the Middle East
In this podcast transcript, explore end user happiness and automation in IT. Learn how to design an IT service model that prioritizes the end user.
CVSS v4.0 evaluates vulnerabilities using a revised scoring system, emphasizing environmental and threat metrics.
When one person's code is another person's nightmare.
Moving to the cloud just got easier. Discover how Zerto simplifies your VMware vSphere to Microsoft Azure migration.
Ebury malware botnet has compromised an estimated 400,000 servers since 2009. Learn how to protect your systems from this advanced threat.
Establishing trust with vendors facilitates smooth operations and strengthens the entire business ecosystem. Here's how to establish an effective vendor risk management strategy.
The new version of Rocky Linux includes security improvements, better cloud images, and the latest developer tools.
Alexey Pertsev, co-founder of Tornado Cash, sentenced to 5+ years in prison by Dutch court. The crypto mixer service was sanctioned by the U.S.
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
According to the MITRE ATT&CK framework, lateral movement consists of techniques that threat actors use to enter and control remote systems on a network. In Amazon Web Services (AWS) environments, threat actors equipped with illegitimately obtained credentials could potentially use APIs to interact with infrastructures and services directly, and they might even be able to use […]
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS…
The environmental impact of data centers is becoming increasingly critical. These facilities, essential to our digital infrastructure, consume vast
In highly regulated industries, securely exchanging files business-to-business is a crucial business practice. When building out a Managed File Transfer (MFT) environment, it is common to consider using a third-party identity solution for authenticating users. This approach offers simplicity for businesses that already use an identity service, allowing them to maintain identities for a variety […]
Join us in Philadelphia, Pennsylvania on June 10-12, 2024 for AWS re:Inforce, a cloud governance, compliance, and security conference. Attendees can expand their cloud security knowledge through hundreds of technical and non-technical sessions, engage with AWS experts and certified partners in the expo hall, and hear from AWS security leaders during keynotes. Whether you are […]
Developers owning security? Testing in production? Are you mad!? A DevSecOps expert makes the case for why a shift is inevitably coming.
The new sixth-generation Trillium Tensor Processing Unit (TPU) makes it possible to train and serve the next generation of AI foundation models.
By considering this advice, IT leaders can move AI initiatives forward despite the obstacles and pressures they're up against.
The vast majority of applications don't run run the CPU flat-out at 100% utilization continuously. Take a web application, for instance. It typically fluctuates between periods of high and low demand, but hardly ever uses a server's compute at full capacity. CPU utilization for many common workloads that customers run in the AWS Cloud today. […]
Researchers have uncovered a critical vulnerability in VMware's Bluetooth device, allowing code execution by malicious actors.
No-code/low-code platforms empower employees with no application security knowledge to develop programs that security teams don't know exist.
Introduction Amazon Virtual Private Cloud (VPC) is the foundational networking construct used by customers to deploy workloads on AWS. To examine VPC traffic and gain insights into communication patterns, customers collect and analyze VPC Flow Logs, leveraging the capabilities and features AWS has continuously added since 2015. You can get started with Flow Logs by […]
Introduction Keeping a watchful eye on your Kubernetes infrastructure is crucial for ensuring optimal performance, identifying bottlenecks, and troubleshooting issues promptly. In the ever-evolving world of cloud-native applications, Amazon Elastic Kubernetes Service (EKS) has emerged as a popular choice for deploying and managing containerized workloads. However, monitoring Kubernetes clusters can be challenging due to their […]
Google has released emergency fixes for a new zero-day vulnerability (CVE-2024-4761) that has been actively exploited in the wild.
Amazon Web Services (AWS) customers have been adopting the approach of using AWS PrivateLink to have secure communication to AWS services, their own internal services, and third-party services in the AWS Cloud. As these environments scale, the number of PrivateLink connections outbound to external services and inbound to internal services increase and are spread out […]
Widely-used web services are being increasingly weaponized. Threat actors are using admin functions and trusted productivity sites to carry out attacks.
A new social engineering campaign is targeting enterprises with spam emails to gain initial access. The threat actor overwhelms users' email and calls
12 security flaws addressed, including two critical issues leading to remote code execution. Update to version 1.2.27 now to stay protected
Advanced authentication: The key to addressing the weakest link in cybersecurity - human users. Learn how to fortify your organization's defenses.
Delve into why offboarding is such a critical security issue and explore real-world examples of companies that learned this lesson the hard way.
pple and Google just rolled out a cross-platform feature called "Detecting Unwanted Location Trackers" (DULT) on iOS and Android to protect users.
English | German Amazon Web Services (AWS) continues to believe it's essential that our customers have control over their data and choices for how they secure and manage that data in the cloud. AWS gives customers the flexibility to choose how and where they want to run their workloads, including a proven track record of […]
🚀Discover how Platform.sh is revolutionizing data centers with sustainable practices. 🎍Learn about their use of renewable energy and advanced cooling systems. 🎤EcoTech Insights host Bonnie Schneider interviews Platform.sh's Environmental Impact Officer, Leah Goldfarb.
AWS IAM Identity Center is the preferred way to provide workforce access to Amazon Web Services (AWS) accounts, and enables you to provide workforce access to many AWS managed applications, such as Amazon Q Developer (Formerly known as Code Whisperer). As we continue to release more AWS managed applications, customers have told us they want […]
It sounds simple: If you pay developers more money they'll improve the quality and security of their code. The evidence isn't so clear.
Uncovering what each identity is accessing and why, startup Token Security provides essential data to understand microservices vulnerabilities.
We launched AWS Fargate support for Windows Server containers on Amazon Elastic Container Service (ECS) in October 2021 to remove the undifferentiated heavy lifting of managing the underlying host operating system (OS). This has enabled customers to run Windows containers without having to patch, scale, and harden the Windows OS, using the serverless, pay-as-you-go compute […]
AWS Summit is in full swing around the world, with the most recent one being AWS Summit Singapore! Here is a sneak peek of the AWS staff and ASEAN community members at the Developer Lounge booth. It featured AWS Community speakers giving lightning talks on serverless, Amazon Elastic Kubernetes Service (Amazon EKS), security, generative AI, […]
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy,…
The integration of Eventarc into Firestore includes a new Auth Context extension that embeds metadata about who triggered a document change.
Amazon Elastic Container Service (ECS) is a fully managed container orchestration service that helps you deploy, manage, and scale containerized applications. Within Amazon ECS there is a concept known as Capacity, which is the infrastructure where your containers run. Amazon ECS provides multiple options: Amazon Elastic Compute Cloud (EC2) instances in the AWS Cloud, AWS […]
Users often need to host their Kubernetes workloads in specific locations, geographies, or on-premises to meet data locality or low-latency requirements. Amazon Elastic Kubernetes Service (EKS) has a broad range of deployments options from in the cloud to on-premises on customer-managed hardware with Amazon EKS Anywhere. To extend AWS infrastructure and APIs to users on-premises, […]
MITREcorp has launched EMB3D, a new threat-modeling framework for embedded devices used in critical infrastructure.
In cloud computing, metastructure refers to the protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.
London, United Kingdom, May 13th, 2024, CyberNewsWireLogicalis, the global technology service provider delivering next-generation digital managed
While traditional channels like email and SMS remain important, businesses are increasingly exploring alternative messaging services to reach their customers more effectively. In recent years, WhatsApp has emerged as a simple and effective way to engage with users. According to statista, as of 2024, WhatsApp is the most popular mobile messenger app worldwide and has […]
Torrance, California, May 13th, 2024, CyberNewsWireCriminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has
Explore the new 2023 SEC regulations on cybersecurity risk management and incident reporting for compliance.
vFunction, the AI-driven architectural observability platform today added real-time observability and GenAI assistant.
Are your browser extensions safe? 33% in most orgs aren't! Learn to protect your data with insights from the 2024 Browser Security Report.
Looking for a new DevOps job? Consider these roles, including at Paramount+, Western Union and Michaels Stores.
Learn best practices for securing Azure resources to ensure that your cloud infrastructure is fortified against increasingly sophisticated cyber threats.
Kaspersky researchers have uncovered multiple security flaws in Cinterion cellular modems that could put your communication networks and IoT devices a
Overcoming cybersecurity challenges means smarter collaboration. Explore how SecurityHQ's Risk Register can bridge the gap between tech and strategy.
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
Red Hat is previewing a policy-as-code capability for the Ansible Automation Platform that promises to make it simpler to apply and enforce governance and compliance policies.
Researchers found a malicious Python package called requests-darwin-lite hiding a sneaky malware.
Traditionally, Java web applications are packaged into Web Application Resource (WAR) files, which can be deployed on any Servlet/JSP container like Tomcat server. These applications often operate within distributed environments, involving multiple interconnected components such as databases, external APIs, and caching layers. Monitoring the performance and health of Java web applications can be challenging due […]
Want to extend the support cycle of your Ubuntu servers and desktops? Why not give Ubuntu Pro a spin?
This week we have a range of posts covering API specification languages, log formats and CI/CD pipelines as well as tools for building development environments and working with Terraform.
Here's an ultra-practical guide to pushing for reliability investments at your company, formatted as a runbook with a set of specific steps.
The notorious FIN7 hacking group is at it again! This time, they're using malicious Google ads to trick users into downloading malware disguised as le
Introduction In this blog post, we will illustrate how to automate the configuration necessary to manage migrated servers with improved security and reduced costs. To administer servers in an on-premises environment, administrators often use secure shell (SSH) or Remote Desktop Protocol (RDP) to connect. After migrating to Amazon Web Services (AWS), this may not be […]
Introduction Amazon Elastic File System (EFS) is a managed storage service that can be used to provide shared access to data for Kubernetes Pods running across compute nodes in different Availability Zones (AZ) managed by Amazon Elastic Kubernetes Service (EKS). Amazon EFS supports native replication of data across AWS Regions. This feature helps in designing a multi-Region disaster […]
Introduction In the realm of data integration and ETL (Extract, Transform, Load) processes, organizations often face challenges in ensuring efficiency and performance of the ETL jobs. Monitoring the efficiency of ETL jobs becomes crucial in maintaining seamless data workflows. This is where Amazon CloudWatch Logs Insights comes into play, offering powerful log analytics to unearth […]
Introduction Amazon CloudWatch Synthetics canaries are scripts that monitor your endpoints and APIs by simulating the actions of a user. These canaries run on a schedule, check the availability and latency of your applications, and alert you when there are issues. Canary scripts are written in Node.js and Python, and they run inside an AWS […]
IaC changes the way IT operations and development teams collaborate to create, provision and manage infrastructure and applications.
AWS Elemental MediaPackage provides customers the ability to deliver live and video on demand (VOD) securely and reliably at scale. Integrating with other Media Services on AWS and content delivery networks (CDNs) like Amazon CloudFront, MediaPackage offers resilient video origination while reducing media workflow complexity for customers. In 2023, we announced the support for low-latency […]
Learn how Airwallex overcomes international money challenges, leveraging Google Cloud's global network for seamless CI/CD on Gitlab.
North Korean hackers have unleashed a new Golang malware called "Durian" in targeted attacks against South Korean crypto firms.
Safeguard organizational assets and mitigate Shadow Access with Zero Trust and Identity and Access Management principles.
Testcontainers offer developers a way past their otherwise often isolated developer environment.
Join us as we unveil CensysGPT and learn how it's changing the game in threat hunting.
Continuous Controls Monitoring holds the potential to significantly enhance organizational agility and reduce friction.
A CloudZero survey credits engineering teams with keeping cloud costs under control, but there's still some room for improvement.
Is composability just a marketing term? What the heck is MACH? A beginners guide to frontend development terms.
Despite the hype, AI can benefit actual DevOps workflows. These four machine-learning algorithms can make a real difference.
EDR solutions can detect threats that traditional defenses like antivirus often miss. Find out how EDR provides a deeper level of security.
Explore cybersecurity risk management, including activities to align security with a risk-based approach and DevSecOps best practices.
Google has just released an update to patch a new zero-day flaw, CVE-2024-4671, which hackers are actively exploiting in the wild.
Fake Android apps mimicking popular platforms like Google & WhatsApp are stealing user data.
Researchers have uncovered a new attack called "LLMjacking" that targets large language models (LLMs) hosted on cloud services.
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
Maintaining ownership of IP addresses while deploying resources in multiple accounts can lead to underutilized IP address ranges. AWS Global Accelerator supports cross-account sharing for bring your own IP addresses (BYOIP), which enables you to share IP address ranges with multiple AWS accounts. After you provision an IP address range with Global Accelerator using BYOIP, […]
Achieving the best price-performance with the Kubernetes Horizontal Pod Autoscaler (HPA) requires a nuanced understanding of CPU utilization targets.
AWS CloudTrail tracks user and API activities across your AWS environments for governance and auditing purposes. Large enterprises typically use multiple AWS accounts, and many of those accounts might need access to a data lake managed by a single AWS account. By using Lake Formation integration with CloudTrail Lake, you can securely aggregate the data […]
Quiz #26 is in our series of quiz questions where we are investigating how to troubleshoot AWS CloudWatch Alarms. If this is of interest, also look at our
Russia-Linked APT28 Strikes Poland with Malware Campaign Polish government bodies were hit by a sophisticated malware attack orchestrated by the infam
Most organizations prioritize protecting their web applications that are exposed to the internet. Using the AWS WAF service, you can create rules to control bot traffic, help prevent account takeover fraud, and block common threat patterns such as SQL injection or cross-site scripting (XSS). Further, for those customers managing multi-account environments, it is possible to […]
Examine Utah's Artificial Intelligence Policy Act, focusing on legal frameworks, privacy, and compliance in AI usage.
Ivanti Connect Secure (ICS) devices are under attack! Two critical vulnerabilities are being exploited to deploy the notorious Mirai botnet.
Looking to grow your MSP business? Consider offering vCISO services to meet the critical needs of SMEs. It's a game changer for recurring revenue and
Explore strategic prevention methods for enhancing cloud security, focusing on automation, AWS policies, and DevSecOps integration.
Two critical vulnerabilities have been discovered in F5 Next Central Manager that could grant attackers full admin control.
AWS users need to continuously enhance their infrastructure and security processes. This typically involves a two-phase approach: discovery and design, followed by implementation. In the discovery phase, an assessment of the current infrastructure is conducted, leading to the creation of architecture documents and patterns for the subsequent implementation phase. This process delves into Account Structure, […]
Sumo Logic previewed a copilot that leverages GenAI to make it simpler for IT and cybersecurity professionals to derive benefits from its observability platform.
Software development teams are constantly looking for ways to accelerate their software development lifecycle (SDLC) to release quality software faster. Amazon Q, a generative AI–powered assistant, can help software development teams work more efficiently throughout the SDLC—from research to maintenance. Software development teams spend significant time on undifferentiated tasks while analyzing requirements, building, testing, and […]
Instead of assuming that the more you spend on security tools, the more secure your business is, take time to determine which tools to use and what they cost.
StarTree broadly enhances its real-time database platform by adding query support for metrics, logs and traces.
Philadelphia, Pennsylvania, May 8th, 2024, CyberNewsWireSecurity Risk Advisors (SRA) announces the launch of their OT/XIoT Detection Selection Workshop, a
Researchers have uncovered a new class of attacks called Pathfinder that can extract encryption keys and sensitive data from Intel CPUs.
Achieve regulatory compliance with ease. A permissions inventory enables access recertification, SOD checks, and controlled access to sensitive data.
In this CSA Community Spotlight interview, hear from CISO Rick Doten about speaking at cybersecurity events.
A lead contributor to OpenTofu answers the (truly) frequently asked questions about the open source project.
By implementing DevSecOps practices, organizations can proactively address security concerns early in development, reducing vulnerabilities.
A newer version of the Hijack Loader malware has been observed with updated anti-analysis techniques to evade detection.
The cloud promises agility, but opens a Pandora's box of cyber risks if not secured properly. Understand your responsibility under the shared responsi
Here are three ways you can communicate risk to your leadership team as you work to replace legacy infrastructure.
A critical flaw in the hugely popular LiteSpeed Cache plugin for WordPress is being exploited in the wild to create rogue admin accounts, granting att
Today, we are announcing the general availability of the generative engine of Amazon Polly with three voices: Ruth and Matthew in American English and Amy in British English. The new generative engine was trained with publicly available and proprietary data, a variety of voices, languages, and styles. It performs with the highest precision to render […]
Today, we're happy to welcome a new member of the Amazon Titan family of models: Amazon Titan Text Premier, now available in Amazon Bedrock. Following Amazon Titan Text Lite and Titan Text Express, Titan Text Premier is the latest large language model (LLM) in the Amazon Titan family of models, further increasing your model choice […]
The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev as the gang's leader…
This blog shows four ways of combining synchronous and asynchronous tasks in a Lambda function, allowing you to run tasks that continue running after the function returns a response to the client.
The cracks are beginning to show in this global ecosystem, as many projects lack the basic funding to sustain the software that literally runs the world.
In this post, we explore how Amazon Web Services (AWS) customers can use Amazon Security Lake to efficiently collect, query, and centralize logs on AWS. We also discuss new use cases for Security Lake, such as applying generative AI to Security Lake data for threat hunting and incident response, and we share the latest service […]
UK's National Crime Agency has unmasked the admin behind the prolific LockBit ransomware as 31-year-old Russian national Dmitry Khoroshev.
Red Hat wants to bring cloud native-based build and deployment practices to the Linux operating system itself.
Today, users working with SAP ASE databases are navigating the path of rehosting and refactoring to AWS. The catalyst for considering this transition is heightened due to several factors, such as the end of mainstream support announcements by SAP. Although the advantages and benefits of refactoring to open-source databases are compelling, it may require a […]
Today, we're introducing Amazon Bedrock Studio, a new web-based generative artificial intelligence (generative AI) development experience, in public preview. Amazon Bedrock Studio accelerates the development of generative AI applications by providing a rapid prototyping environment with key Amazon Bedrock features, including Knowledge Bases, Agents, and Guardrails. As a developer, you can now use your company's single sign-on credentials to […]
San Francisco, United States, May 7th, 2024, CyberNewsWireHunters, the pioneer in modern SOC platforms, today announced its full adoption of the Open
APT42, an Iranian state-backed hacking group, is leveling up its social engineering tactics. They're posing as journalists and event organizers to bui
MITRE, a renowned research firm, has revealed alarming details about a recent cyber attack that dates back to late 2023.
Explore the significance of the CVE-2024-3094 incident as a crucial wake-up call to fortify defenses and ensure robust cybersecurity measures against software supply chain vulnerabilities.
Oracle today revealed it is developing a generative artificial intelligence (AI) assistant that leverages multiple large language models to create Java and SQL code
Learn how Reflectiz detected a sophisticated malware hidden in an innocent-looking image on a retail site.
Delve into why organizations are adopting Kubernetes for container security, and why you should choose a managed service rather than self-hosted.
Russian operator of BTC-e crypto exchange pleads guilty to money laundering charges spanning 2011-2017.
Google has made enabling two-factor authentication (2FA) easier for personal and Workspace accounts.
With built-in end-to-end encryption, OpenTofu is a natural DevSecOps fit.
Looking for a DevOps job? Look at these openings at Capital One, Sherwin Williams, Marriott International and more
Depending on where your platform lives, it'll be important to continuously monitor the needs it's serving and the business goals it's meant to serve. Highlights from the 2024 Puppet State of DevOps Report.
Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers…
After a few critical vulnerabilities were uncovered, Kubernetes got serious about securing pods with user namespaces. Also in the box: More granular container scaling.
Learn more about how Azure can help your enterprise modernize with scalable intelligent applications.
CrowdStrike has run several incident response engagements in which ALPHA SPIDER affiliates demonstrated novel offensive techniques.
April has been packed with new releases! Last week continued that trend with many new releases supporting a variety of domains such as security, analytics, devops, and many more, as well as more exciting new capabilities within generative AI. If you missed the AWS Summit London 2024, you can now watch the sessions on demand, […]
New findings suggest the ArcaneDoor cyber espionage campaign targeting network devices from Cisco (CVE-2024-20353, CVE-2024-20359).
Critical unpatched flaw (CVE-2023-49606) in Tinyproxy could lead to remote code execution. Over 50% of 90K+ exposed hosts are vulnerable.
Amazon Web Services (AWS) has recently renewed the Esquema Nacional de Seguridad (ENS) High certification, upgrading to the latest version regulated under Royal Decree 311/2022. The ENS establishes security standards that apply to government agencies and public organizations in Spain and service providers on which Spanish public services depend. This security framework has gone through […]
Less than half of Kubernetes environments have alerts for CPU/memory usage. This trend reflects the prioritization of development agility over security.
AI has the power to revolutionize cybersecurity. Read our latest advancements and announcements from the RSA Conference here.
Ransom demands, data theft, operational halt... The nightmare of cyberattacks on SMBs. Can you afford to risk it? Read how Managed EDR can help
Unlock the steps to becoming a CISO with our guide, offering strategies for all career stages, essential skills, and mentorship insights.
Xiaomi devices running Android have been found to contain multiple security vulnerabilities in various apps and system components.
A new malware called "Cuckoo" is on the loose, targeting both Intel and ARM-based Macs.
Opinions are like noses, everybody has one. And in the case of AI, having a nose is not a requirement.
In this blog post, we will explore how to simplify Amazon EKS deployments with GitHub Actions and AWS CodeBuild. In today's fast-paced digital landscape, organizations are turning to DevOps practices to drive innovation and streamline their software development and infrastructure management processes. One key practice within DevOps is Continuous Integration and Continuous Delivery (CI/CD), which […]
The DORA survey is back this week, along with posts on Jevons paradox, monitoring and testing ML models, reliability and service architecture and more.
Here are a few anecdotes about safety from the past few years. In 2020, the world was struck by the COVID-19 pandemic. The U.S. response was… not great. Earlier in 2019, before the pandemic s…
This one's full of great advice about making sure alerts are actionable, including alerting on flows that actually matter to customers.
Imagine you wanted to understand how to get better at playing the lottery. You strike upon a research approach: study previous lottery winners! You collect a list of winners, look them up, intervie…
In this step by step guide, we are going to learn the Terraform remote state management using S3
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
We're pleased to announce that Amazon Web Services (AWS) demonstrated continuous compliance with the Baseline Informatiebeveiliging Overheid (BIO) Thema-uitwerking Clouddiensten while increasing the AWS services and AWS Regions in scope. This alignment with the BIO Thema-uitwerking Clouddiensten requirements demonstrates our commitment to adhere to the heightened expectations for cloud service providers. AWS customers across the Dutch public sector can […]
Config Sync team scopes lets platform admins define fleet-wide and team-specific cluster configurations such as resource quotas and network policies.
Storing multiple copies of data is often an enterprise data protection best practice and a critical part of backup and recovery solutions. The ability to quickly recover or restore data – often from backup copies in cost-effective archive storage – is critical to minimizing potential downtime or operational disruptions in disaster recovery (DR) scenarios such […]
Bedrock – Slack's internal Kubernetes platform Slack is the AI-powered platform for work that connects people, conversations, apps, and systems together in one place. Slack adopted Amazon Elastic Kubernetes Service (Amazon ) to build "Bedrock," the codename for an internal compute orchestration platform that simplifies container deployment and management. Bedrock handles build, deploy, and runtime […]
Explore the critical interplay between AI and OT security, highlighting unique challenges and strategic insights for CISOs.
Nation-state hackers have a new trick - turning Microsoft's own cloud services into secret command centers to launch attacks undetected.
Our webinar unveils the latest DDoS attack strategies like IoT botnets & amplification tactics. Get real-world examples & proactive defense tips.
Quantum computers are rapidly becoming a reality. This guide will show you how to secure your business as the digital landscape continues to shift.
Cilium's future involves not just Kubernetes and containers, but also VMs, edge use cases and other environments.
Beware of "Shadow SaaS" - a hidden threat to organizations. Learn more: click the link for a must-read guide.
Companies must be equipped to identify, assess, and respond to risks effectively. Risks can fall into one of these three categories.
U.S. government warns of North Korean hackers sending spoofed emails to gather intelligence.
Google announces over 400 million accounts now use passkeys - the passwordless authentication solution.
Aruba Networking has released critical security patches for ArubaOS. Four flaws could allow remote code execution, giving attackers full control.
Here is the latest from Microsoft Azure in data, AI, and digital apps to help you with your modernization. Learn more.
Atlassian acquired Optic, which uses OpenAPI to track API changes across a continuous integration pipeline. It also announced a new AI tool.
Amazon Web Services (AWS) this week make generally available an instance of a generative artificial intelligence (AI) assistant capable of executing
AWS announced Amazon CloudWatch Application Signals during re:Invent 2023. It is a new feature to monitor and understand the health of Java applications. Today we are excited to announce that Application Signals now supports Python applications. Enabling Application Signals allows you to use AWS Distro for OpenTelemetry (ADOT) to instrument Python applications without code changes. […]
The TestState API helps developers to iterate faster, resolve issues efficiently, and deliver high-quality applications with greater confidence. By enabling developers to test individual states independently and integrating testing into their preferred development workflows, it simplifies the debugging process and reduces context switches.
Get started with connecting to your vertex AI workload using private networking options.
Manage AI infrastructure on top of GKE while leveraging open-source frameworks and open models.
Popular apps like Xiaomi File Manager and WPS Office are vulnerable to a path traversal flaw that could let hackers overwrite files and execute malici
Foundational models (FMs) are trained on large volumes of data and use billions of parameters. However, in order to answer customers' questions related to domain-specific private data, they need to reference an authoritative knowledge base outside of the model's training data sources. This is commonly achieved using a technique known as Retrieval Augmented Generation (RAG). […]
The DHS Cyber Safety Review Board released a report exposing critical oversights by Microsoft that enabled a cyber attack on top-tier US officials.
Tel Aviv, Israel, May 2nd, 2024, CyberNewsWireEarly adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser
A Ukrainian hacker part of the notorious REvil gang has been sentenced to over 13 years for orchestrating 2,500+ attacks demanding $700M in crypto ran
âMicrosoft Copilot for Security employs strict access controls and manages data through advanced encryption for both at-rest and in-transit data.
Are you confident your vulnerability scanner isn't leaving blind spots in your attack surface? Uncover the limitations of relying on a single scanner
A new botnet called Goldoon is targeting D-Link routers with a critical vulnerability from 2015 (CVE-2015-2051).
Dropbox Sign Breached! Unidentified hackers accessed user emails, usernames, and account settings for all Dropbox Sign users.
A critical flaw (CVE-2023-7028) is being actively exploited, allowing account takeover by sending password reset emails to unverified addresses.
Attention SOHO router users! A new malware called Cuttlefish is on the prowl, stealthily monitoring your traffic and stealing authentication data.
Amazon CodeCatalyst integrates continuous integration and deployment (CI/CD) by bringing key development tools together on one platform. With the entire application lifecycle managed in one tool, CodeCatalyst empowers rapid, dependable software delivery. CodeCatalyst offers a range of actions which is the main building block of a workflow, and defines a logical unit of work to […]
Domino Data Lab is an AWS partner that provides a central system of record for data science activity across an organization. The Domino solution delivers orchestration for all data science artifacts, including AWS infrastructure, data and services. As part of the solution, Domino's platform leverages the scale, security, reliability, and cost-effectiveness of AWS cloud computing […]
Postman today made available an AI tool for its platform for building and managing APIs that automatically creates tests and documentation.
Want to run your Go program as a full executable binary? The Go install command compiles and installs the application in your workspace's bin directory. Here's how.
RAN slicing is one of the important new features of 5G networks and Microsoft has researched and produced results, making it easier for operators to use in Azure.
Soft delete for Cloud Storage helps protect against accidental and malicious data deletion.
Config Sync's new auto-upgrades feature lets you automatically upgrade Config Sync versions and oversee the lifecycle of Config Sync components.
Starting today, you can configure your DNS Firewall to automatically trust all domains in a resolution chain (such as aCNAME, DNAME, or Alias chain). Let's walk through this in nontechnical terms for those unfamiliar with DNS. Why use DNS Firewall? DNS Firewall provides protection for outbound DNS requests from your private network in the cloud […]
GitHub has made available a formal technical preview of an approach to building software that uses generative AI to complete tasks.
Golden templates make it easier to get started with IaC, but they don't effectively fit users' needs. Let's fix that.
Define 7 essential terms related to cloud key management and access additional resources to dive deeper into key management concepts.
Learn more on how Azure can help you best run your VMware workloads as well as respond with agility and meet the security and compliance requirements you need.
Elastic Load Balancing (ELB) offers four types of load balancers, all featuring high availability, automatic scaling, and robust security support for your applications: Application Load Balancer (ALB), Network Load Balancer (NLB), Gateway Load Balancer (GWLB), and Classic Load Balancer (CLB). ELB automatically scales up and down, and scales in and out in response to traffic […]
How does blockchain pseudonymity enable financial crime detection? By combining it with knowledge of licit and illicit crypto services, machine learni
Researchers have uncovered a new Android malware called Wpeeper that uses compromised WordPress sites to hide its true command-and-control servers.
Automox CISO Jason Kikta shares his personal experience with Linux and highlights its advantages and innovations.
Today, Snyk made available an edition of its application security posture management (ASPM) tool for assessing application risks.
We all have our priorities.
Master the art of choosing a security awareness training (SAT) solution that can drive meaningful changes for you and your organization.
Explore effective cloud migration strategies to optimize costs and streamline operations for businesses.
ZLoader modular malware trojan has resurfaced with anti-analysis feature that prevents execution on machines different from the original infection.
Former NSA employee sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia.
Ruby developers can now use AWS CodeArtifact to securely store and retrieve their gems. CodeArtifact integrates with standard developer tools like gem and bundler. Applications often use numerous packages to speed up development by providing reusable code for common tasks like network access, cryptography, or data manipulation. Developers also embed SDKs–such as the AWS SDKs–to […]
Apache Flink is rapidly gaining traction as a platform for real-time Generative AI apps, though remains a bit of a black box as far as observability and debugging goes. Datorios wants to change that.
The Amazon Titan family of models, available exclusively in Amazon Bedrock, is built on top of 25 years of Amazon expertise in artificial intelligence (AI) and machine learning (ML) advancements. Amazon Titan foundation models (FMs) offer a comprehensive suite of pre-trained image, multimodal, and text models accessible through a fully managed API. Trained on extensive […]
Amazon Web Services (AWS) customers implement multi-account strategies so that multiple teams can deploy workloads in separate organizational units (OUs) and AWS accounts. Cloud administrators are using this practice through offerings such as AWS Control Tower and AWS Organizations. These services help them get things done using individual accounts while maintaining centralized control for governance […]
In 2022, we launched Lambda function URLs as a simple way to configure an HTTPS endpoint for your AWS Lambda function without having to learn, configure, and operate additional services. Customers who want to improve the performance and security of their applications running with Lambda function URLs can deploy Amazon CloudFront in front of Lambda function URLs […]
If we shift our observability focus to the left, we can address issues in CI/CD before they escalate, as described by two Grafana engineers.
By using Cloud Storage and Cloud Storage FUSE file cache, Woven by Toyota saw a 14% reduction in training time and a 97% savings in storage costs.
Service Extensions callouts are GA for Application Load balancers, helping to improve performance, security, and operational efficiency.
Our updated guide helps organizations mitigate the risk of ransomware events, and contain them.
Get ready for RSA as guest columnist Sunil Potti, VP and GM of Google Cloud Security, takes you on a tour of Security Command Center Enterprise.
A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients.
WebAssembly makes it quick and easy to download and run a complete LLM on a machine without any major setup.
Backstage helps large teams document their infrastructure and services. This extends the open source version.
Millions of malicious "imageless" containers have been planted on Docker Hub over the past 5 years in multiple cybercriminal campaigns.
Discover how DSPM solutions safeguard sensitive healthcare data, enhance cybersecurity, and ensure compliance with regulations.
When Amazon Web Services (AWS) launched Amazon Q Developer as a preview last year, it changed my experience of interacting with AWS services and, at the same time, maximizing the potential of AWS services on a daily basis. Trained on 17 years of AWS knowledge and experience, this generative artificial intelligence (generative AI)–powered assistant helps […]
At AWS re:Invent 2023, we previewed Amazon Q Business, a generative artificial intelligence (generative AI)–powered assistant that can answer questions, provide summaries, generate content, and securely complete tasks based on data and information in your enterprise systems. With Amazon Q Business, you can deploy a secure, private, generative AI assistant that empowers your organization's users […]
The U.S. government has unveiled new security guidelines to fortify critical infrastructure against AI-related risks.
Delve into AI-specific penetration testing, ensuring your AI systems are robust against cybersecurity threats.
The U.K. is the first country to ban default passwords on smart devices starting April 29, 2024. Manufacturers must provide unique passwords and secur
The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers -- including AT&T, Sprint, T-Mobile and Verizon -- for illegally sharing access to customers' location information without consent.
This is a guest post by Pranav Kapoor, Head of DevOps at Upstox co-authored with Jayesh Vartak, Solutions Architect at AWS and Jitendra Shihani, Technical Account Manager (TAM) at AWS. Upstox is India's largest investech, a multi-unicorn valued at $3.5 billion. It allows you to buy and sell stocks, mutual funds, and derivatives, and is […]
In November 2023, we made two new Cohere models available in Amazon Bedrock (Cohere Command Light and Cohere Embed English). Today, we're announcing the addition of two more Cohere models in Amazon Bedrock; Cohere Command R and Command R+. Organizations need generative artificial intelligence (generative AI) models to securely interact with information stored in their […]
Introduction In this blog post, we will walk you through the step-by-step process of completing VMware virtual machine (VM) migrations to Amazon Elastic Compute Cloud (Amazon EC2) using the (Application Migration Service). Moreover, we will show how to apply a custom post-launch action script to remove proprietary VMware tools from the migrated VMs. Migrating on-premises […]
Google reveals a staggering 200,000 app submissions were rejected or remediated from the Play Store last year due to issues with sensitive data access
First introduced in the mid-20th century, mainframe systems continue to be the backbone of many enterprises relying on these systems for mission-critical applications. In fact, it is estimated that at least 71% of Fortune 500 companies use mainframe systems. Globally, 90% of credit card transactions happen on mainframe systems. According to IBM, USD 7.7 trillion […]
Yes, you can enjoy Kubernetes' flat address space without using a lot of IP addresses.
Google Cloud's multi-networking meets the security, performance, and compliance demands of telecom workloads while leveraging native k8s services.
This was a busy week for Amazon Bedrock with many new features! Using GitHub Actions with AWS CodeBuild is much easier. Also, Amazon Q in Amazon CodeCatalyst can now manage more complex issues. I was amazed to meet so many new and old friends at the AWS Summit London. To give you a quick glimpse, […]
A security framework is a set of security controls, policies, and procedures designed to protect your data. Here's an overview of the different types.
Gemini 1.5 Pro helps analysts manage the asymmetric volume of threats more effectively and efficiently.
The "Muddling Meerkat" threat actor is abusing DNS open resolvers to evade detection and conduct reconnaissance across the globe.
A critical vulnerability (CVE-2024-27322) has been discovered in the R programming language. It could allow attackers to execute arbitrary code.
Explore effective strategies to defend against ransomware, focusing on overcoming challenges to enhance organizational cybersecurity.
It's an established practice for development teams to build deployment pipelines, with services such as AWS CodePipeline, to increase the quality of application and infrastructure releases through reliable, repeatable and consistent automation. Automating the deployment process helps build quality into our products by introducing continuous integration to build and test code as early as possible, […]
Red Teaming or Exposure Management? Find out how combining these powerful approaches can fortify your cybersecurity defenses.
Cloud providers are continually evolving, employing advanced tech like AI. Here are some key trends shaping the future of cloud security.
Looking for a DevOps job? Look at these openings at Scientific American, HRL Laboratories, VetsEZ and more.
Multiple vulnerabilities have been discovered in the popular Judge0 online code execution system, putting users at risk of complete system compromise.
Okta is sounding the alarm on an unprecedented spike in credential stuffing attacks targeting online services.
A short issue this week, with some interesting posts on observability and incident response, devops community and naming.
The PIOSEE model is taught to pilots as a rubric for coming to a decision in a difficult aviation situation. As this article explains, we can also use it during IT incidents.
Cybersecurity researchers have uncovered a targeted cyber attack against Ukraine that leveraged a 7-year-old Microsoft Office flaw to deploy Cobalt St
Netdata is easy to install, offers a very well-designed web-based interface, and monitors things like CPU, load, disks, RAM, swap, network, processes, idle-jitter, interrupts and more..
Hackers are disguising Python backdoors as legitimate npm packages to target developers during fake job interviews.
If you want to reduce docker image size, you need to use the standard best practices in building
This blog post was co-written by Brent Eager, Senior Software Engineer, StormForge StormForge is the creator of Optimize Live, a Kubernetes vertical rightsizing solution that is compatible with the Kubernetes HorizontalPodAutoscaler (HPA). Using cluster-based agents, machine learning, and Amazon Managed Service for Prometheus, Optimize Live is able to continuously calculate and apply optimal resource requests, […]
AWS customers realize more than a 5:1 ratio of benefits to investment costs over five years with breakeven on their investment occurring in an average of 10 months (source: "The Business Value of Amazon Web Services", an IDC whitepaper). This blog aims to help Information Technology (IT) teams calculate this value using the tools needed […]
At Google Cloud, we know you have diverse regulatory, compliance, and sovereignty needs, so at Next '24 we announced new ways to expand your power of choice.
Today, applications are more distributed than ever before and they no longer run in isolation. This is especially the case when utilizing Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). A distributed workload or system is one that encompasses multiple small independent components, all working together to complete a task or job. […]
CSA's CCZT is a comprehensive training and certificate program for Zero Trust. CCZT is your on-ramp to becoming an accredited Zero Trust professional.
Multiple critical vulnerabilities discovered in Brocade SANnav SAN management application, impacting all versions up to 2.3.0.
Introduction APIs are the key to implementing microservices that are the building blocks of modern distributed applications. Launching a new API involves defining the behavior, implementing the business logic, and configuring the infrastructure to enforce the behavior and expose the business logic. Using OpenAPI, the AWS Cloud Development Kit (AWS CDK), and AWS Solutions Constructs […]
Uncover the essentials of DevSecOps, ensuring secure code throughout the development lifecycle with cutting-edge tools and practices.
Unlock Endpoint Security with our top 10 must-know tips! From MFA to EDR, discover how to protect your digital kingdom.
A new Android malware called Brokewell is disguising itself as updates for popular apps like Google Chrome and Klarna
The California Privacy Protection Agency's draft regulations aim to bolster consumer protections for automated decision-making technology, including AI.
This comprehensive guide on Kubernetes architecture aims to explain each Kubernetes component in detail with illustrations. So if
A critical vulnerability (CVE-2024-3400) in PAN-OS could expose your systems to remote code execution attacks.
A critical vulnerability (CVE-2024-27956) in the WP-Automatic plugin is being actively exploited. This flaw could allow attackers to take complete con
Introduction The adoption and large-scale growth of Kubernetes in recent years has resulted in businesses deploying multiple Amazon Elastic Kubernetes Service (Amazon EKS) clusters to support their growing number of microservice based applications. The Amazon EKS clusters are usually deployed in separate Amazon Virtual Private Clouds (Amazon VPCs) and often in separate AWS accounts. A […]
Common Securitization Solutions (CSS), a joint Fannie Mae and Freddie Mac venture launched in 2019, supports a cornerstone of the American economy – home ownership. CSS built and now operates the largest and most advanced mortgage securitization platform in the US, supporting Freddie Mac and Fannie Mae's 70% market share of the industry with flexibility, […]
North Korean hackers used fake job offers to deliver a new Trojan called Kaolin RAT. It can change file timestamps and load malware.
Copado's genAI tool automates testing in Salesforce software-as-a-service (SaaS) application environments.
From the show floor to keynotes to remote attendance, here's your must-read guide to where Google Cloud Security will be at RSA Conference this year.
Participating in the 2024 DORA Survey helps us understand how AI, platform engineering and developer experience impact organizational performance.
Virtual clusters in containers are lighter, faster to spin up and more portable than the real kind, said Lukas Gentele, of Loft Labs, in this episode of The New Stack Makers.
Discover why organizations must pivot to exposure-based cyber defense to address the expanding attack surface and evolving threats effectively.
This article takes you through a real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration.
CVE-2024-3094, a newly disclosed vulnerability in XZ Utils, has sent ripples across tech. Understand CVE-2024-3094 and how to mitigate it.
The U.S. DOJ has made a significant move by arresting the founders of Samourai, a crypto mixer, for laundering over $100M
The election cybersecurity landscape globally is characterized by a diversity of targets, tactics, and threats.
Google hits the brakes on phasing out third-party cookies in Chrome until 2024.
A new stealthy malware campaign leveraging two zero-day flaws in Cisco networking gear has been uncovered, allowing covert data collection and reconna
This blog was updated by Irene Garcia Lopez, Solutions Architect, and Mehdi Yosofie, Solutions Architect, in April 2024 to reflect Karpenter beta changes. Overview Karpenter is a dynamic, high performance, open-source cluster autoscaling solution for the Kubernetes platform introduced at re:Invent 2021. Customers choose an autoscaling solution for a number of reasons, including improving the […]
HashiCorp's software for infrastructure and security life cycle management, along with Red Hat's portfolio, could help IBM make multicloud computing an actual possibility.
Pulumi adds new drift detection and remediation, time-to-live (TTL) stacks and more to its Infrastructure as Code (IaC) platform. Meanwhile, Pulumi CEO Joe Duffy pledges to keep innovating amid the potential HashiCorp-IBM deal.
Externalizing authorization logic for application APIs can yield multiple benefits for Amazon Web Services (AWS) customers. These benefits can include freeing up development teams to focus on application logic, simplifying application and resource access audits, and improving application security by using continual authorization. Amazon Verified Permissions is a scalable permissions management and fine-grained authorization service […]
Embrace revealed today is it is adding support for open source OpenTelemetry agent software to its software development kits (SDKs).
Striking a Balance Between Reliability and Agility in Cloud Operations The IT operation team of an enterprise serves as the first line of defense against potential business disruptions. They operate 24/7, acts as a hub, continuously monitor and manage the IT environment. The operation team handles and prioritizes critical IT incidents to minimize downtime and […]
Embracing AI and the power of community: inside the mind of Champion Innovator Juan Guillermo Gómez.
CSA has developed the Certificate of Competence in Zero Trust (CCZT) to prepare professionals for the Zero Trust transition.
HashiCorp's software for infrastructure and security life cycle management, along with Red Hat's portfolio, could help IBM make multicloud computing an actual possibility.
A sophisticated attack campaign dubbed "FROZEN#SHADOW" is underway, using phishing emails to infect systems with the stealthy malware SSLoad.
U.S. Treasury Department has sanctioned two Iranian firms and four individuals for their involvement in malicious cyber activities targeting U.S.
Learn how to use AWS CloudFormation StackSets to automate and simplify data protection without duplicating existing backups on Amazon EBS, a high-performance block-storage service designed for Amazon EC2.
Explore how cybersecurity accountability shifts to SaaS vendors, emphasizing the importance of single sign-on for user access management.
The complexity of Kubernetes security and least-privilege access can be mitigated with automation, policy-as-code, and continuous security practices.
The power of eBPF largely lies in its computing efficiency since it is directly tied to the Linux kernel.
Major security flaws uncovered in popular Chinese keyboard apps! Researchers found vulnerabilities that could expose users' private keystrokes.
A sophisticated malware called GuptiMiner has been leveraging a flaw in eScan antivirus updates to spread backdoors and crypto miners across corporate
A suspected Vietnamese hacking group is leveraging CDN cache to distribute malware undetected.
Everyone knew HashiCorp was attempting to find a buyer. Few suspected it would be IBM.
At the OCP Regional Summit, Google discussed security advancements including Caliptra for integrated root-of-trust, OCP S.A.F.E, and OCP L.O.C.K.
This blog post introduces how manufacturers and smart appliance consumers can use Amazon Verified Permissions to centrally manage permissions and fine-grained authorizations. Developers can offer more intuitive, user-friendly experiences by designing interfaces that align with user personas and multi-tenancy authorization strategies, which can lead to higher user satisfaction and adoption. Traditionally, implementing authorization logic using […]
Regional PD's cross-zone synchronous replication delivers resilience, management simplicity, and continuous protection for demanding applications.
Google Verified Peering Provider makes it easy for businesses to connect to Google's network with the simplicity and reliability of an enterprise-grade managed service.
Direct VPC egress for Cloud Run, now GA, lets Cloud Run resources send traffic directly to a VPC network without proxying it through Serverless VPC Access connectors.
Explore the technical underpinnings of GenAI hallucinations and how to foster responsible development of AI.
Researchers discovered a "dependency confusion" vulnerability in an archived Apache project, Cordova App Harness.
Four vulnerabilities have been discovered that target Docker container environments: CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653.
M-Trends 2024 continues our tradition of providing relevant security metrics, analysis, and guidance.
Join industry experts Rhys Arkins and Jeffrey Martin for an exclusive webinar on combating supply chain threats.
Today, I am happy to announce the general availability of Guardrails for Amazon Bedrock, first released in preview at re:Invent 2023. With Guardrails for Amazon Bedrock, you can implement safeguards in your generative artificial intelligence (generative AI) applications that are customized to your use cases and responsible AI policies. You can create multiple guardrails tailored to […]
Today, we are announcing the general availability of Meta's Llama 3 models in Amazon Bedrock. Meta Llama 3 is designed for you to build, experiment, and responsibly scale your generative artificial intelligence (AI) applications. New Llama 3 models are the most capable to support a broad range of use cases with improvements in reasoning, code […]
During AWS re:Invent 2023, we announced the preview of Amazon Titan Image Generator, a generative artificial intelligence (generative AI) foundation model (FM) that you can use to quickly create and refine realistic, studio-quality images using English natural language prompts. I'm happy to share that Amazon Titan Image Generator is now generally available in Amazon Bedrock, […]
With Amazon Bedrock, you have access to a choice of high-performing foundation models (FMs) from leading artificial intelligence (AI) companies that make it easier to build and scale generative AI applications. Some of these models provide publicly available weights that can be fine-tuned and customized for specific use cases. However, deploying customized FMs in a […]
The Amazon Bedrock model evaluation capability that we previewed at AWS re:Invent 2023 is now generally available. This new capability helps you to incorporate Generative AI into your application by giving you the power to select the foundation model that gives you the best results for your particular use case. As my colleague Antje explained […]
With Agents for Amazon Bedrock, applications can use generative artificial intelligence (generative AI) to run tasks across multiple systems and data sources. Starting today, these new capabilities streamline the creation and management of agents: Quick agent creation – You can now quickly create an agent and optionally add instructions and action groups later, providing flexibility […]
Smooth remediation requires meticulous coordination. The complexity and scale of the process means that both manual and automated methods should be used.
European police warn that default E2EE could severely hamper efforts to tackle online crimes like child abuse and terrorism.
German authorities issued arrest warrants against three citizens on suspicion of spying for China.
Businesses face massive disruptions from cyberattacks. From revenue losses to strained customer relations. Discover the hidden costs of cyber breaches
The U.S. is cracking down on individuals involved in the development and sale of commercial spyware.
Hackers linked to Russia have been exploiting a Windows bug for YEARS to deploy GooseEgg malware for escalating attack access.
The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian…
If you are managing lots of accounts and Amazon Virtual Private Cloud (Amazon VPC) resources, sharing and then associating many DNS resources to each VPC can present a significant burden. You often hit limits around sharing and association, and you may have gone as far as building your own orchestration layers to propagate DNS configuration […]
The data used to train AI models needs to reflect the production environments where applications are deployed.
AWS Summits continue to rock the world, with events taking place in various locations around the globe. AWS Summit London (April 24) is the last one in April, and there are nine more in May, including AWS Summit Berlin (May 15–16), AWS Summit Los Angeles (May 22), and AWS Summit Dubai (May 29). Join us […]
Ninja Van uses GKE to deliver a flexible, stable and scalable platform for its core applications.
Kaspersky has uncovered a concerning threat actor, ToddyCat, targeting government and military entities.
Explore effective security practices for Slack, highlighting the importance of robust offboarding procedures to prevent unauthorized access.
When its creator, Weaveworks, shut down, Flux got pledges of support. That should inspire confidence in the open source platform, said Puja Abbassi in this episode of The New Stack Makers.
Understand the crucial differences between privacy and confidentiality within the SOC 2 framework to enhance your business's data security strategies.
With enterprises using 53 different security solutions, why are breaches still a frequent reality? Unpack the paradox in our latest report.
Looking for a DevOps job? Look at these openings at NBC Universal, BAE, UBS and more.
MITRE, a top cybersecurity firm, breached by a nation-state. Zero-days and session hijacking were the weapons.
Clarify the zero trust security model for your leadership team with insights on its principles, ensuring robust and informed cybersecurity strategies.
Major cybercrime groups are under attack by police. But are these takedowns effective? Some groups vanish, others bounce back in DAYS.
Researchers detail a flaw in the Windows DOS-to-NT path conversion process which can be exploited by threat actors to gain rootkit like powers.
North Korea's state-linked hackers are enhancing their operations with advanced artificial intelligence tools.
Although reviews of the Ai Pin were pretty uniformly terrible, its promise of a life beyond smartphones remains compelling.
A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.
A new variant of the RedLine Stealer malware has been discovered, utilizing Lua bytecode for stealth and effectiveness.
Easily the majority of incidents I've been in.
Tricentis is adding multiple artificial intelligence (AI) assistants to make it simpler for DevOps teams to create tests for applications,
OpenProject can do classical as well as agile project management for the entire project life cycle. Here's how to set it up securely on your Linux server.
A critical vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS is being actively exploited by threat actors.
If you use CrushFTP for file transfers, update to the latest version immediately.
Redis is taking it in the chops, as both maintainers and customers move to the Valkey Redis fork.
Amazon Q feature development enables teams using Amazon CodeCatalyst to scale with AI to assist developers in completing everyday software development tasks. Developers can now go from an idea in an issue to a fully tested, merge-ready, running application code in a Pull Request (PR) with natural language inputs in a few clicks. Developers can […]
Hyundai's Peace Lee spent nine years writing Glider, which comes with over 150 performance-tracking and visualization command-line tools.
This blog post is written by Brianna Rosentrater, Hybrid Edge Specialist SA. AWS Elastic Disaster Recovery Service (AWS DRS) now supports disaster recovery (DR) architectures that include on-premises Windows and Linux workloads running on AWS Outposts. AWS DRS minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications using affordable storage, […]
In this newsletter, Google Cloud CISO Phil Venables recaps 20 major security announcements from Next '24.
GitLab Duo Chat is a natural language interface which helps generate code, create tests and access code summarizations.
Cloud technologies are a rapidly evolving landscape. Securing cloud applications is everyone's responsibility, meaning application development teams are needed to follow strict security guidelines from the earliest development stages, and to make sure of continuous security scans throughout the whole application lifecycle. The rise of generative AI enables new innovative approaches for addressing longstanding challenges with […]
Define 7 fundamental terms about cyber threats and vulnerabilities, including threat modeling, vulnerability scanning, and vulnerability management.
For overall security, the attributes of a vetted CVE-free or reasonably CVE-free container, which Chainguard offers, provide an effective level of protection.
China-linked hacking group Earth Hundun is targeting Asia-Pacific tech, research, and government sectors with advanced malware, including "Waterbear"
Uncover the security vulnerabilities of Microsoft Copilot and how SSPM solutions can safeguard critical data within SaaS environments.
Expect more attacks on the open source software supply chain, with attackers automating attacks in common projects and package managers.
How attackers are hacking organizations without touching the endpoint by targeting cloud identities.
Akira Ransomware group has already extorted roughly $42 million from over 250 victims globally. They are now targeting both Windows and Linux systems.
Explore how to secure modern data teams and manage enterprise data with innovative data-centric security approaches.
A new threat, 'DuneQuixote', targets Middle East governments with sophisticated evasion tactics.
This post was coauthored by Venkatesh Nannan, Sr. Engineering Manager at Rippling Introduction Rippling is a workforce management system that eliminates the friction of running a business, combining HR, IT, and Finance apps on a unified data platform. Rippling's mission is to free up intelligent people to work on hard problems. Existing Stack Rippling uses […]
Note: This is a more in-depth follow-on post from our high-level, introductory blog on IAM Access Analyzer for S3. Organizations generate, use, and store more data today than ever before. With securing data a top priority, many enterprises focus on implementing the principle of least privilege access, or limiting users to the minimum necessary access […]
French » Spanish » Amazon Web Services (AWS) is pleased to announce that a translated version of our 2023 ISO 27001 and 2023 ISO 22301 certifications are now available: The 2023 ISO 27001 certificate is available in Spanish and French. The 2023 ISO 22301 certificate is available in Spanish. Translated certificates are available to customers […]
IPRally built a custom ML platform using Google Kubernetes Engine (GKE) and Ray that provides streamlined machine learning operations (MLOps).
With better code suggestions and automated testing, low/no-code platforms deliver solutions that meet the demands of today's users.
Support for Unreal Engine 5.3 and a new template make it easier for developers to use the Immersive Stream for XR rendering platform.
Using Kubernetes policy-as-code (PaC) solutions, administrators and security professionals can enforce organization policies to Kubernetes resources. There are several publicly available PAC solutions that are available for Kubernetes, such as Gatekeeper, Polaris, and Kyverno. PaC solutions usually implement two features: Use Kubernetes admission controllers to validate or modify objects before they're created to help enforce configuration best […]
Ukrainian government networks have been compromised by the OfflRouter malware since 2015. This malware is causing sensitive documents to be exposed.
FIN7, a notorious cybercrime group, is targeting the U.S. automotive industry with spear-phishing attacks.
At KubeCon Europe, tech company leaders and representatives said they expected to see more open source project creators tighten up their licensing.
Cybersecurity is moving toward monitoring system activity directly within the kernel. This is evident in the adoption of projects like Tetragon in Linux.
Keep your organization out of the ransomware news headlines and your applications protected with this simple, effective solution from Zerto.
Ever worried about malware in PDFs? ANY.RUN's sandbox can expose hidden threats just by analyzing the file's structure.
New Android malware "SoumniBot" targets users in South Korea by exploiting unique evasion tactics. Find out how it slips through security cracks.
An international law enforcement operation has busted LabHost, a notorious cybercrime service used for phishing attacks.
Explore essential measures to guard against data breaches, including multi-factor authentication, UEBA, and Zero Trust architectures.
Vulnerabilities in OpenMetadata are being exploited. These critical security flaws enable hackers to get into Kubernetes environments.
Hackers are using fake domains of popular IP scanners like Advanced IP Scanner & ManageEngine in a Google Ads malvertising scheme to spread malware.
It is important for cloud security operations teams to maintain a high level of cloud security and detect and respond to malicious web activity in near real-time. AWS WAF helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. However, as your cloud environment scales with […]
Modern software development teams understand the importance of observability as a critical aspect of building reliable and resilient applications. By implementing observability practices, software teams can proactively identify issues, uncover performance bottlenecks, and enhance system reliability. However, it is a fairly recent trend and still lacks industry-wide adoption. As organizations standardize on containers, they often […]
Datadog today published a State of DevSecOps report that finds 90% of Java services running in a production environment are vulnerable.
Our customers depend on Amazon Web Services (AWS) for their mission-critical applications and most sensitive data. Every day, the world's fastest-growing startups, largest enterprises, and most trusted governmental organizations are choosing AWS as the place to run their technology infrastructure. They choose us because security has been our top priority from day one. We designed […]
Amazon Elastic Container Registry (Amazon ECR) provides a fully managed container registry service, offering high-performance hosting for reliably deploying application images anywhere. Amazon ECR service requires repositories to pre-exist before pushing container images. In this post, we explore a dynamic solution that leverages AWS CloudTrail, Amazon EventBridge, and AWS Lambda functions to automatically create Amazon […]
What are the trust best practices? We honestly don't know yet. But, if we're to trust our open source projects, we must figure it out.
With 6M 100% random-read and 6M write IOPS, Z3 VMs provide consistent performance and predictable maintenance experience for storage-dense workloads.
Hyperdisk Storage Pools allows you to share thin-provisioned and data-reduced capacity across up to 1,000 disks in a single project.
Learn effective strategies for small privacy teams to manage data protection and stay compliant amidst evolving legislation.
A new stealthy backdoor malware called Kapeka, likely created by Russia's APT group Sandworm, has been targeting Eastern Europe.
Cloud office platforms like Microsoft 365 need strong cybersecurity solutions. Shape your cloud email security strategy with these tips.
We're going to send email messages that say, "Hope this finds you in a well" and see if anybody notices.
Hackers are exploiting a critical vulnerability in Atlassian servers to gain admin access and deploy a Linux variant of Cerber ransomware.
GenAI isn't just hype—it's a toolbox revolutionizing how we develop software, manage emails, and create content.
Cloud workloads can end up in a malefactor's spotlight because they serve as conduits to accessing the wider applications they belong to.
Grafana 11 provides a more accessible and user-friendly way of authoring Prometheus rules for event monitoring and alerting within Grafana.
If you use Fortinet FortiClient EMS, patch NOW. Hackers are actively using a new exploit
Researchers alert of a global rise in brute-force attacks from TOR nodes targeting VPNs, web interfaces, and SSH services
Many customers migrating their workloads to AWS using AWS Application Migration Service want to use different AWS accounts to support their company's governance and security needs. Customers may also choose to use Infrastructure As Code (IaC) templates using AWS CloudFormation or Terraform with Application Migration Service to deploy source servers to different AWS Accounts. To […]
The AWS Well-Architected Framework is a collection of best practices that helps customers build and operate secure, high-performing, resilient, and cost-effective workloads on the AWS Cloud. With the AWS Well-Architected Tool (AWS WA Tool), you can review the state of your applications and workloads against architectural best practices, identify opportunities for improvement, and track progress […]
New Hyperdisk Balanced storage volumes on GKE are a good fit for workloads that typically rely on persistent SSDs.
The for loop is the most basic type of loop in the Go programming language, but it's one you'll use quite often. Here's how it works.
Security researchers uncover a "credible" takeover attempt on the OpenJS Foundation, mirroring a recent incident with XZ Utils.
We are living in the generative artificial intelligence (AI) era; a time of rapid innovation. When Anthropic announced its Claude 3 foundation models (FMs) on March 4, we made Claude 3 Sonnet, a model balanced between skills and speed, available on Amazon Bedrock the same day. On March 13, we launched the Claude 3 Haiku […]
Two thirds of developers are using AI in product development, primarily for coding, documentation, and conducting research.
Most developers are using some form of DevOps practices, reports the CDF survey. Adopting STANDARD DevOps practices? Not so much.
Popular cloud CLI tools (AWS, Google Cloud, Azure) have a vulnerability ("LeakyCLI") exposing sensitive data in build logs.
TA558 hackers are using steganography to hide and distribute malware like Agent Tesla, FormBook, Remcos RAT, LokiBot.
For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state's revenue department in 2012 and stealing tax and bank account information…
Explore how Microsoft 365's Copilot enhances workflow productivity while addressing data security and compliance risks.
Managed observability platforms offer insights into system health, necessitating a significant volume of high-quality telemetry data.
A critical vulnerability in PuTTY, affecting versions 0.68 through 0.80, compromises the security of NIST P-521 private keys.
Ever heard of shadow admins? A single slip in settings can create 109 of them, risking your entire network's security! Learn how to prevent this.
Use the template described in this article to audit your outdated security processes and determine which processes to update first.
The FTC fined mental telehealth service Cerebral over $7 million for deceptive data sharing practices and failing to honor its cancellation policies.
Two arrested for developing and distributing Hive RAT malware & a Nebraska man indicted for a massive $3.5 million cloud cryptojacking scheme.
The Internet has a plethora of moving parts: routers, switches, hubs, terrestrial and submarine cables, and connectors on the hardware side, and complex protocol stacks and configurations on the software side. When something goes wrong that slows or disrupts the Internet in a way that affects your customers, you want to be able to localize […]
Introduction With the rising popularity of applications hosted on Amazon Elastic Kubernetes Service (Amazon EKS), a key challenge is handling increases in traffic and load efficiently. Traditionally, you would have to manually scale out your applications by adding more instances – an approach that's time-consuming, inefficient, and prone to over or under provisioning. A better […]
We're all asked to assess our skills, sometimes. Surely this answer is as good as any?
Commonhaus is taking a laissez-faire approach to open source group management.
An effective incident management is foremost for maintaining system reliability and ensuring quick responses to unexpected incidents. Incident Manager, a capability of AWS Systems Manager, helps to mitigate and recover from these incidents by enabling automated responses. In a previous blog with Incident Manager, we talked about setting up escalation mechanisms, creating response plans and […]
The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock's maker Chirp Systems remains unresponsive, even though it…
The PartyRock Generative AI Hackathon wrapped up earlier this month. Entrants were asked to use PartyRock to build a functional app based on one of four challenge categories, with the option to remix an existing app as well. The hackathon attracted 7,650 registrants who submitted over 1,200 projects, and published over 250 project blog posts […]
A security vulnerability in the Lighttpd web server, often used in BMCs, has not been addressed by certain vendors, including Intel and Lenovo.
Japanese | Korean | Spanish We continue to listen to our customers, regulators, and stakeholders to understand their needs regarding audit, assurance, certification, and attestation programs at Amazon Web Services (AWS). We are pleased to announce that for the first time an AWS System and Organization Controls (SOC) 1 report is now available in Japanese […]
AWS Community Days conferences are in full swing with AWS communities around the globe. The AWS Community Day Poland was hosted last week with more than 600 cloud enthusiasts in attendance. Community speakers Agnieszka Biernacka, Krzysztof Kąkol, and more, presented talks which captivated the audience and resulted in vibrant discussions throughout the day. My teammate, […]
Project post by Yufei Chen, Miao Hao, and Min Huang, Dragonfly project This document will help you experience how to use dragonfly with TritonServe. During the downloading of models, the file size is…
Organizations need to get a complete picture from cloud vendors of where their cloud infrastructure is hosted and if data is transferring over borders.
Google Cloud launches new generative AI training, and certificates in data analytics and cybersecurity to prepare learners for entry-level cloud jobs.
Muddled Libra threat group weaponizes SaaS & cloud environments for data exfiltration.
Discover the implications for software developed with tools like GitHub Copilot. Learn more about securing your code against AI vulnerabilities.
Security tools are needed to relativize and prioritize vulnerabilities that should be acted on immediately.
In an ever-changing security landscape, teams must be able to quickly remediate security risks. Many organizations look for ways to automate the remediation of security findings that are currently handled manually. Amazon CodeWhisperer is an artificial intelligence (AI) coding companion that generates real-time, single-line or full-function code suggestions in your integrated development environment (IDE) to […]
Explore how CISOs transform into business-savvy leaders, mastering risk management, strategic learning, and inspirational leadership.
Looking for a new DevOps role? Check out these available opportunities at Northrup Grumman, GovCIO, Northwestern Mutual, and more.
Discover the imminent wave of AI legislation in the U.S., aiming to set standards for innovation, privacy, and ethical AI use.
Did you know? Implementing JIT privileged access can drastically cut down the risk of privilege misuse! Learn how to secure your systems with JIT stra
A sophisticated cyber-espionage campaign has re-emerged, targeting South Asia with an iOS spyware implant called LightSpy.
Palo Alto Networks has issued critical hotfixes for a severe security vulnerability in PAN-OS, which is being actively exploited.
The game Last Epoch launched in February, and they had a rocky start. This huge retrospective post tells the story of what happened and how they fixed it.
I've been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts from January, February and March was in order.
Former security engineer sentenced to 3 years for stealing $12.3M from crypto exchanges using insider skills.
US Treasury sanctions Hamas official, Hudhayfa Samir Abdallah al-Kahlut, for cyber influence operations and threats against civilians.
Evaluate the security posture of cloud service providers with the CSA STAR Registry. As a cloud customer, confirm your standards are being met.
Hackers have been exploiting a severe flaw (CVE-2024-3400) in Palo Alto Networks' software that began nearly three weeks before discovery.
As organizations adopt containerization technologies, such as Kubernetes, the challenge of making sure of security and compliance becomes increasingly complex. With Kubernetes environments that span Infrastructure-as-Code (IaC) and Kubernetes clusters, maintaining a secure posture can be a daunting task. To tackle this complexity and reduce risk, many teams are turning to standardized tooling. Organizations that […]
Today, AWS Key Management Service (AWS KMS) is introducing faster options for automatic symmetric key rotation. We're also introducing rotate on-demand, rotation visibility improvements, and a new limit on the price of all symmetric keys that have had two or more rotations (including existing keys). In this post, I discuss all those capabilities and changes. […]
Want the environmental benefits of moving to the cloud? These tools help you get there faster by measuring applications' carbon emissions.
Addressing the urgent need for ethical governance in Generative AI to mitigate risks and secure a responsible technological future.
Arm, Intel, and NVIDIA in recent weeks have rolled out new CPUs, GPUs, and NPUs to fuel compute and app development at the edge.
Malicious "test files" linked to the XZ Utils backdoor found in popular Rust crate liblzma-sys, downloaded over 21,000 times.
As Zero Trust security continues to gain traction, evaluate using APIs versus protocols and their various issues.
Community post by Anup Ghatage Log messages are essential for debugging and monitoring applications, but they can often be overly verbose and cluttered, making it difficult to quickly identify and…
Explore the critical landscape of RCE vulnerabilities within AWS, detailing prevention and mitigation strategies to protect your cloud assets
Worried about the security of non-human identities in your digital systems? Learn how Entro's comprehensive solution can protect your critical data an
Explore how cloud game streaming affects data security and what steps can be taken to mitigate risks.
MuddyWater, linked to Iran's MOIS, strikes again with DarkBeatC2. Our latest blog unpacks the latest tactics in cyber warfare.
Critical security flaw found in Palo Alto Networks firewalls. Hackers are already taking advantage.
CISA ordered federal agencies to analyze compromised emails and ramp up cybersecurity measures following the recent compromise of Microsoft's systems.
E-commerce website owners and admins – BEWARE! Reseachers uncover a credit card skimmer hidden within a bogus Meta Pixel tracker script.
Small and Medium Businesses (SMBs) need to operate with high availability and mitigate security risks while keeping costs low. An AWS multi-account environment with workload isolation, robust access control, cost visualization, and integrated security mechanisms can help SMBs build a platform to support growth. SMBs want to deploy a multi-account environment on AWS quickly and […]
Small and Medium Businesses (SMBs) need to operate with high availability and mitigate security risks while keeping costs low. An AWS multi-account environment with workload isolation, robust access control, cost visualization, and integrated security mechanisms can help SMBs build a platform to support growth. SMBs want to deploy a multi-account environment on AWS quickly and […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.…
Today, we are announcing new capabilities that enable customers to off-board their stacks, layers, and instances from AWS OpsWorks Stacks before it reaches End of Life on May 26, 2024. Previously, we released this blog post that provides customers a way to migrate workloads in a blue/green manner from OpsWorks Stacks to a new architecture […]
As discussed in this blog post, AWS sees organizations with well-defined, tracked and aligned business key performance indicators (KPIs) thrive in their cloud transformation journey. However, it is a challenge to define and track these KPIs. Even when organizations align to track outcomes and there is value in doing so, some encounter difficulties focusing on […]
During this special KubeCon + CloudNativeCon Europe 2023 edition of DevOps Unbound , Alan Shimel and Mitch Ashley are joined by Martin Klaus, Tricentis VP
The legal battle between the faux-open-source HashiCorp and the open source OpenTofu heats up.
Customers can use Private Service Connect for private connectivity from applications to Cloud SQL databases.
Introducing Cloud NGFW Enterprise, which can deliver comprehensive Zero Trust network protection for your Google Cloud workloads.
Today at Next we're announcing Isolator, which adds a vital layer of protection to healthcare data used in collaborations between parties.
The threat of ransomware has placed data protection front and center as a top priority for all businesses. The Sophos State of Ransomware Report 2023 reported that 66% of organizations were impacted in 2022 with a median ransomware payout of $400,000 (average pay out of $1.54 million). With the median recovery cost of using backups […]
Financial services customers that are regulated by the U.S. Securities and Exchange Commission (SEC) are required by regulations (17 CFR § 240.17a-4 and 17 CFR § 240.18a-6, or, briefly, "17a-4" and "18a-6") to store their electronic books and records under certain protective measures. Both 17a-4 and 18a-6 require the ability to retrieve the original, unmodified […]
An update was made on April 11th, 2024, outlining deployment procedure. This post guides you through setting up the networking layer for a multi-Region active-active application architecture on AWS using latency-based routing in Amazon Route 53 with Amazon CloudFront to deliver a low-latency, reliable experience for your users. Building active-active architectures using AWS networking services improves […]
Ambassador post originally published on Logz.io's blog by Dotan Horovits The topic of continuous profiling has been an ongoing discussion in the observability world for some time. I said back in 2021…
Exposed secrets on GitHub and PyPI are more prevalent than you think. GitGuardian's latest report reveals shocking numbers. Dive into the details here
Compliance is living in the old world. Keeping up-to-date in the age of digital transformation is a losing battle. It's time for a SOC for compliance.
TA547 hacker group adopts new tactics, possibly harnessing the power of generative AI, to deploy the Rhadamanthys info stealer in attacks on German or
Exposed secrets on GitHub and PyPI are more prevalent than you think. GitGuardian's latest report reveals shocking numbers. Dive into the details here
Achieving an ISO 27001 certification requires the expertise of accredited auditors, serving as a seal of trust and competency.
Apple's updated spyware alert system now warns individual users of potential targeting by mercenary spyware attacks.
- thehackernews.com - April 11, 2024 If you use FortiClientLinux, update immediately. Critical vulnerability could let attackers run code on your system. Patch now, get the details here.
Google has added a GenAI tool dubbed Gemini Cloud Assist to automate a wider range of tasks across the software development lifecycle.
Google to invest $1 billion in digital connectivity to Japan with Proa and Taihei subsea cables, plus extensions of Tabua and TPU systems.
Introduction Snapchat is an app that hundreds of millions of people around the world use to communicate with their close friends. The app is powered by microservice architectures deployed in Amazon Elastic Kubernetes Service (Amazon EKS) and datastores such as Amazon CloudFront, Amazon Simple Storage Service (Amazon S3), Amazon DynamoDB, and Amazon ElastiCache. This post […]
The new ML Productivity Goodput metric measures the efficiency of the overall ML system, and can be monitored and integrated via API.
Overview Amazon EKS Anywhere (EKS Anywhere) is an opinionated and automated deployment of the Amazon EKS Distro that enables users to create and operate Kubernetes clusters on user-managed infrastructure. EKS Anywhere does not include a Container Storage Interface (CSI) driver for persistence. In this post, we setup OpenEBS to provide persistence using the disks available in […]
On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to redirect to "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft…
With this release, Envoy is ready to replace Kubernetes Ingress controllers.
Storage announcements at Google Cloud Next '24 addressed how to enable demanding AI and ML workloads.
Cloud Service Mesh combines Traffic Director's control plane with Google's Istio-based Anthos Service Mesh into a single managed offering.
As part of Advanced API Security in Apigee API Management, there is now the capability in public preview to track down shadow APIs.
At Next '24, we're announcing advancements in our Confidential Computing solutions that expand hardware options, add additional support for AI workloads, and further expand our partnerships.
Simplify operations and governance at scale by empowering customers to centrally define and manage their applications in Google Cloud.
We've enhanced GKE to help you serve and deploy Gemma, a family of lightweight, state-of-the art open models, on GKE Standard as well as Autopilot.
The latest advances for Google Cloud AI inference: JetStream and MaxDiffusion for high-performance LLM and diffusion model inference on Cloud TPUs.
Member post originally published on AppCD's blog by Lauren Rother Maybe you've heard of Infrastructure as Code (IaC), which is the process of managing and provisioning computer data center resources…
Active Android spyware campaign 'eXotic Visit' targeting users in India and Pakistan.
Prompt engineering unlocks the full potential of LLMs. Want more efficient AI interactions? Customize ChatGTP to transform your LLM into a collaborator.
Rocket Software this week extended its DevOps platform for iSeries platforms from IBM to make it simpler to test applications.
Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.
Hackers are exploiting GitHub's search feature to spread malware. Popular repositories are being cloned and infected.
Cloudflare disclosed on February 2nd that it had been breached by a suspected nation-state attacker. This breach exploited multiple exposed secrets.
The Eclipse Foundation is spearheading an effort to create a unified framework for secure software development.
Need to scale vCISO services without draining your resources? Cynomi's AI-driven platform automates security assessments, compliance readiness, policy
As a defender, taking the mindset of a threat actor allows you to better understand exploitable pathways and effectively prioritize remediation efforts.
Cybersecurity researchers reveal the 'first native Spectre v2 exploit' targeting Linux kernel on Intel systems.
Discover the secret tunnels hackers use to infiltrate your security defenses! Learn about Shadow Admins, Service Accounts, and more in our webinar.
Microsoft releases a massive patch for April 2024, fixing a record 149 flaws. Two vulnerabilities are ALREADY under attack.
A severe vulnerability (CVE-2024-24576) in the Rust standard library could lead to command injection attacks on Windows systems.
Monitoring containerized applications requires precision and efficiency. As your applications scale, collecting and summarizing application and infrastructure metrics from your applications can be challenging. One way to handle this challenge is using Amazon CloudWatch Container Insights which is a single-click native monitoring tool provided by AWS. Amazon CloudWatch Container Insights helps customers collect, aggregate, and summarize […]
This post was co-authored with Alex Kirpichny and Evgenia Chernyak (from Ispirer Systems) Introduction Many monolith applications have business logic in the database layer in the form of stored procedures and functions. Businesses have built and maintained their applications using PL/SQL, a reliable and robust programming language. As the technology landscape advances, harnessing the capabilities […]
If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to…
Hashicorp is accusing the open source OpenTofu Project of swiping some of its BSL-licensed Terraform code. Enter the lawyers.
Member post originally published on Fairwinds's blog by Joe Pelletier The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) continue to update their…
For businesses, particularly those in highly regulated industries, managing user accounts isn't just a matter of security but also a compliance necessity. In sectors such as finance, healthcare, and government, where regulations often mandate strict control over user access, disabling stale user accounts is a key compliance activity. In this post, we show you a […]
The updates promise to make it easier to invoke the capabilities of a Grafana Cloud platform based on open source software.
Highlight pairs session replay, a tool to play back user interactions and client-side logs, with more traditional error monitoring and logging tooling.
Perhaps the desire for SEO-optimized everything has gone too far.
In today's workplace, your users need secure, authenticated remote connectivity to your applications. Until recently, many organizations took this requirement to mean "VPN connection." AWS Client VPN, introduced in 2018, has provided AWS customers with a managed, OpenVPN-based VPN client solution for securing remote access to on-premises and AWS-hosted applications. AWS Verified Access, launched in […]
Researchers uncovers Starry Addax, a sophisticated threat actor targeting Sahrawi Arab Democratic Republic activists.
RUBYCARP threat group, suspected to be of Romanian origin, has been discovered operating a botnet for crypto mining, DDoS, and phishing attacks
Multiple vulnerabilities found in LG webOS on smart TVs could grant unauthorized access. Researchers' findings revealed critical flaws impacting thous
Uncover the critical role of cloud permissions in the MITRE ATT&CK Framework's Persistence stage and how to safeguard against threats.
CL0P ransomware emerges as a major player in the cybercrime world! From "bed bug" beginnings to a global threat, this group's aggressive tactics are r
Generative AI's impact will affect workflows all throughout the software development life cycle, warned a panel at the DevOps Modernization Summit.
At Next, Google is announcing Chrome Enterprise Premium, a new offering that can help simplify and strengthen endpoint security.
Enhancements to Cross-Cloud Network help modernize, simplify, and secure your network, while leveraging AI for productivity and efficiency.
At Next, we are announcing cybersecurity innovations that can deliver stronger security outcomes and enable you to make Google a part of your security team.
Gemini for Google Cloud is a new generation of AI assistants for developers, services, and applications that help you work more effectively.
Google Cloud customers have access to a managed container platform designed to support AI and enterprise workload needs today and into the future.
At Next '24, Google Cloud announced numerous compute and storage product releases for both general-purpose and specialized workloads.
AI Hypercomputer boosts efficiency and productivity for AI training, tuning, and serving workloads with new innovations and product launches.
The custom Axion Arm-based processor is designed for general-purpose workloads like web and app servers, databases, analytics, CPU-based AI, and more.
Impact analysis is a critical step in the cloud remediation process that asks: âWhat might go wrong if we implement this fix? What if we don't?â
Cybersecurity experts uncover a sophisticated multi-stage attack! 🛡️ Malware including Venom RAT, Remcos RAT, and more deployed via invoice-themed ph
Hackers are exploiting vulnerabilities (CVE-2024-3272 and CVE-2024-3273) in D-Link NAS devices. Up to 92,000 devices affected.
Whether you're building a business case or planning your cloud migration, understanding your actual compute needs and software licensing entitlements is crucial early in your migration journey. These insights help you formulate a robust and well-informed cloud migration plan. They also help you achieve significant savings on your Windows, VMware, and Oracle workloads compared to […]
Simple tests can demonstrate whether a code generator is actually doing what you ask. That can be important for developers and DevOps who want to use these tools for activities like code or script generation.
A top global e-commerce retailer employs the concept of on-demand manufacturing to deliver a wide variety of affordable fashion apparel products to customers around the world. It serves end users globally with a mobile app and website for ordering, payment, and delivery. To improve the performance, resilience, flexibility, and scalability of its systems, the retailer […]
Unexpected license changes, rotating sponsors for projects and shrinking numbers of maintainers roil the open source world. Balance risks in choosing tools.
APN Partner Snowflake enables organizations to transform, integrate, and analyze their data. Running on AWS has helped them to keep up with a rapidly scaling customer base since 2012 (22% YoY total customer growth as of January 2024). With more customers comes more data, and efficient data management to manage operational overhead and cost is […]
We're just two days away from AWS Summit Sydney (April 10–11) and a month away from the AWS Summit season in Southeast Asia, starting with the AWS Summit Singapore (May 7) and the AWS Summit Bangkok (May 30). If you happen to be in Sydney, Singapore, or Bangkok around those dates, please join us. Last […]
Dynatrace's Carbon Impact App Dynatrace, in collaboration with Lloyds Banking Group, has taken a bold step forward with the Carbon Impact app. This
Explore these DevOps job opportunities at Maxar, General Motors, Ascendion and more.
Member post by Rakesh Girija Ramesan Nair, Senior Technology Architect, and Sherni Liz Samuel, Technology Architect, Infosys Limited This blog brings forth the key focus areas &
Cyberattacks on the water industry raise the prospect of more frequent, widespread incidents that threaten disruption to lives and livelihoods.
Google tackles Chrome security with new V8 Sandbox. This aims to stop memory issues from spreading, protecting your browser experience.
Navigate SOC 2 compliance intricacies, the crucial role of CPA firms, and standards ensuring robust cloud security.
'Latrodectus' strikes via phishing emails. This powerful downloader can execute commands, evade detection, and pave the way for further attacks.
While Flux lost Weaveworks-employed Flux contributors, most of them continue their work on the project and it continues to have a significant and active contributor and user base.
Q1 2024 had 22% less ransomware attacks than Q4 2023. Why is that and is it a trend that will continue?
Learn how the recent insider data breach in a major US telecom highlights the need for improved HR platform security and risk management.
Latin America targeted in new phishing attack. Emails contain malicious HTML files disguised as invoices.
Google sues app developers for massive crypto scam. Scammers tricked 100,000+ users into downloading fake investment apps.
Lots of KubeCon EU wrapup posts this week, along with new developer and operator tooling for incidents, developer productivity and API documentation.
Retrofitting sharding is a huge undertaking.
Red Hat's Podman can not only be used to manage containers, but it is handy for building and maintaining virtual machines as well.
Exploit alert for Magento users! A critical flaw, CVE-2024-20720, allows threat actors to sneak a persistent backdoor into e-commerce sites.
As a dev, Bethany Griggs experienced the cognitive overload of building apps for an enterprise, and attests to the value of the developer portal.
The cloud is an organic system that evolves, and possibilities are endless — you can essentially build what you want. At the same time, it's a hostile and intimidating place.
Modular created Mojo to provide Python developers with a programming language to build high-performance applications, using a familiar syntax .
A big question mark is how to protect our data, especially how to move it and access it as we want, not just being stuck on one cloud provider.
A summary of the sessions about managed container runtimes (GKE, Cloud Run) not to miss at Next '24.
Disaster Recovery (DR) is a critical process for any organization wanting to maintain business continuity in the event of a disaster such as flood, power failure, or ransomware attack. The DR strategy adopted by organizations is commonly driven by a trade-off between cost and the business impact of the time it takes for the workloads […]
Explore the pivotal cloud security and AI resources to be aware of in 2024. Focus on harnessing AI, mastering compliance, and elevating cloud security education for a safer digital future.
New research reveals critical security risks for AI-as-a-service providers like Hugging Face. Attackers could gain access to hijack models, escalate
Explore the shift from Hadoop to modern data stacks and the critical need for data-centric security in cloud infrastructure.
The need to converge the management of NetOps and DevOps workflows has never been more critical.
Navigating cybersecurity compliance just got easier. Our latest blog taps into the wisdom of CISOs to share strategies for managing data security requ
Sys:All, a loophole in Google Kubernetes Engine, can allow any Google account holder to access vulnerable clusters. Learn more about these exposures.
Watch out for FAKE Adobe Acrobat Reader installers. They carry a nasty malware called Byakugan that steals your data.
Financial organizations in APAC & MENA are under attack. A sophisticated threat dubbed JSOutProx combines JavaScript & .NET to infiltrate systems.
Multiple China-linked threat actors exploit zero-day flaws in Ivanti appliances (CVE-2023-46805, CVE-2024-21887, CVE-2024-21893).
Over the last 15 years, the Cloud Security Alliance has gone from ambitious upstarts to a critical global stakeholder for cybersecurity.
Users modernizing their applications using Amazon Elastic Kubernetes Service (Amazon EKS) on AWS often run into critical IPv4 address space exhaustion driven by scale. They want to maximize usage of the VPC CIDRs and subnets provisioned for the EKS pods without introducing additional operational complexity. We believe that use of IPv6 address space is the […]
If you want to program in the Go programming language, you need to learn how variables and data types work. Easy-peasy: Start here.
Golang 1.22 fixes a quirk in the for loop that has long-thwarted closure users. There's also a simpler way to iterate and even a promise of Go generators.
A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites…
Introduction Quora is a leading Q&A platform with a mission to share and grow the world's knowledge, serving hundreds of millions of users worldwide every month. Quora uses machine learning (ML) to generate a custom feed of questions, answers, and content recommendations based on each user's activity, interests, and preferences. ML drives targeted advertising on […]
CoralRaider, a suspected Vietnamese threat actor, has been on the prowl since May 2023, targeting Asia and Southeast Asia with malware aimed at steali
Oil & gas companies beware! Hackers are using the updated Rhadamanthys info-stealer in phishing attacks.
The new object retention lock for Cloud Storage makes it easier to meet regulatory standards, strengthen security, and improve data protection.
Quiz #23 was: As a seasoned Site Reliability Engineer, you've encountered an alert indicating that the "worker-prod queue message age" has exceeded its
Member post originally published on Medium by DatenLord In distributed system application scenarios, it is inevitable to add or delete nodes or replace nodes, the simplest solution is to temporarily…
Learn what objections people have to prioritizing runtime protection and why runtime security is actually the best return on investment.
Kubernetes now has an important role to play in helping data scientists, according to Sanjeev Mohan, an independent analyst, in this episode of The New Stack Makers.
Portland, Oregon, April 4th, 2024, CyberNewsWireCenter Identity, a pioneering cybersecurity company, is excited to unveil its patented secret location
Operational Technology (OT) Cybersecurity: A Balancing Act! OT systems' unique traits demand tailored security measures. Learn why safeguarding OT req
New research exposes vulnerability in HTTP/2 protocol! The CONTINUATION frame can be exploited for DoS attacks, warns security expert Bartek Nowotarsk
All of the changes made to Podman culminate in a much more flexible and responsive container runtime engine.
Unlike REST, GraphQL reduces the need for versioning by allowing new fields and types to be added without impacting existing queries.
Discover how CASUAL aids in preempting cyber threats in Microsoft 365, offering insights into attack tactics and enhancing digital defenses.
Ivanti has released updates addressing 4 critical flaws in Connect Secure and Policy Secure Gateways. Vulnerabilities could lead to code execution.
Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called "The Manipulaters," a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work,…
New burstable workload support to in GKE Autopilot model allows your Pod to temporarily utilize resources outside of its resources.
Introduction Amazon Elastic Container Service (Amazon ECS) has now enhanced its functionalities by integrating support for Amazon Elastic Block Store (Amazon EBS) volume attachment to Amazon ECS tasks. This feature simplifies using Amazon ECS and AWS Fargate with Amazon EBS. Amazon ECS facilitates seamless provisioning and attachment of EBS volumes to ECS tasks on both […]
U.S. Cyber Safety Review Board slams Microsoft for security failures that enabled a major data breach by China-backed hackers.
Google's Pixel smartphones under attack. Two new Android security flaws - CVE-2024-29745 & CVE-2024-29748 - uncovered, exploited in the wild.
Understand which supported DNS option to choose when creating or migrating to a new Google Kubernetes Engine cluster.
Introduction In this post, we review advanced global routing scenarios with AWS Cloud WAN and AWS Direct Connect and dive into how you can control routing to build connectivity between AWS and on-premises locations. We also share best practices for optimizing routing in multi-Region hybrid networks and review common high-availability settings and failover scenarios. Customers […]
Member post originally published on Fairwinds' blog by Joe Pelletier According to Gartner, cloud computing will become an essential component of maintaining business competitiveness by 2028. Indeed…
Dr. Ricci Ieong has over 20 years of industry experience in information technology. Get Ricci's perspective on Cloud Security Alliance assurance standards.
Silver Spring, United States / Maryland, April 3rd, 2024, CyberNewsWireThe Leading Company for Securing Access Between Workloads Recognized for the Aembit
Chrome's new feature, DBSC (Device Bound Session Credentials), aims to safeguard users against cookie theft by malware.
Learn to navigate and defend against look-alike domain threats with essential tips on spotting and reporting deceptive tactics.
A critical step toward adopting automation for legacy applications is to change your organization's mindset about legacy systems.
Vulnerability Management vs. Attack Surface Management: Understand the key differences in scope.
CrowdStrike surveyed application security professionals to learn how effective they are at securing applications. Here are some key findings.
Banking trojan Mispadu expands from Latin America, now targets users in Italy, Poland & Sweden. Finance, automotive, legal & commercial entities at ri
WordPress sites using LayerSlider versions 7.9.11 - 7.10.0 are vulnerable to attack. Hackers could steal sensitive data like passwords.
Introduction Amazon Elastic Container Service (Amazon ECS) has now enhanced its functionalities by integrating support for Amazon Elastic Block Store (Amazon EBS) volume attachment to Amazon ECS tasks. This feature simplifies using Amazon ECS and AWS Fargate with Amazon EBS. Amazon ECS facilitates seamless provisioning and attachment of EBS volumes to ECS tasks on both […]
The goal is to make it easier for IT teams to declaratively create APIs and then manage them at scale.
Customers in industries such as architecture, engineering, & construction (AEC) and media & entertainment (M&E) generate the final frames for film, TV, games, industrial design visualizations, and other digital media with a process called rendering, which takes 2D/3D digital content data and computes an output, such as an image or video file. Rendering also requires […]
Git is optimized to work with large numbers of small files, like text files. This alone makes Git impractical for managing such datasets.
If you're a cloud architect, don't miss these sessions networks, storage, distributed cloud and of course, AI at Google Cloud Next '24.
As more customers advance in their cloud adoption journey, they recognize that simply migrating applications to the cloud does not automatically ensure resilience. To ensure resilience, applications need to be designed to withstand disruptions from infrastructure, dependent services, misconfiguration and intermittent network connectivity issues. While many organizations understand the importance of building resilient applications, some […]
A provider publishes an API with an Open API spec, and developers connect to it. Unfortunately, onboarding seldom works out that simply.
Member post by ByteDance Since its open-source release in 2014, Kubernetes has rapidly become the de facto standard for container orchestration. The infrastructure team at ByteDance adopted Kubernetes…
Explore the deep impact of privacy breaches beyond data loss, including identity theft, financial risks, and the emotional toll of shame.
Spotify's head of Backstage on how to keep developers happy, and its plan to open source its framework for managing components as a "fleet."
DoorDash connects consumers with their favorite local businesses in more than 25 countries across the globe. A born-in-the-cloud company, DoorDash hosts the majority of its infrastructure, including its commerce platform, on AWS. This platform powers the ecosystem of customers placing orders, merchants fulfilling orders, and dashers performing deliveries. DoorDash's platform was built to achieve the […]
With Tabnine, DevOps teams can switch LLMs with its generative AI platform in order to conform with coding needs and resource requirements.
Popular Linux compression tool XZ Utils found with backdoor. Threat actors can remotely execute code on your machine, bypassing authentication.
Most executives lack deep security backgrounds. Although cybersecurity is a business issue, it's also highly technical and complicated.
Notorious threat group Earth Freybug uses new malware UNAPIMON to evade detection. This China-linked group is known for espionage and financial attack
Tired of chasing endless vulnerabilities? Enter Continuous Threat Exposure Management (CTEM). Prioritize critical exposures, streamline remediation, a
Exploring the shift from posture management to runtime threat detection in cloud security to counter real vulnerabilities and threats.
New features of Kubecost 2.2 can help IT teams reduce their carbon footprint and meet sustainability goals.
Google agrees to wipe billions of browsing records to settle class action lawsuit, alleging tracking without consent in Chrome's Incognito Mode.
Ruby on Rails created a framework for Ruby that provides foundational structures to enable faster development and speed to market.
TA558, the notorious threat actor, is back in action, hitting Spain, Mexico, U.S., and more with Venom RAT.
Last month, we announced the availability of two high-performing Mistral AI models, Mistral 7B and Mixtral 8x7B on Amazon Bedrock. Mistral 7B, as the first foundation model of Mistral, supports English text generation tasks with natural coding capabilities. Mixtral 8x7B is a popular, high-quality, sparse Mixture-of-Experts (MoE) model, that is ideal for text summarization, question […]
In this blog post, we will show you how to validate Terraform modules and how to automate the process using a Continuous Integration/Continuous Deployment (CI/CD) pipeline.
In the evolving landscape of network security, safeguarding data as it exits your virtual environment is as crucial as protecting incoming traffic. In a previous post, we highlighted the significance of ingress TLS inspection in enhancing security within Amazon Web Services (AWS) environments. Building on that foundation, I focus on egress TLS inspection in this […]
Welcome to the 25th edition of the AWS Serverless ICYMI (in case you missed it) quarterly recap. Every quarter, we share all the most recent product launches, feature enhancements, blog posts, webinars, live streams, and other interesting things that you might have missed! In case you missed our last ICYMI, check out what happened last […]
Introduction We are excited to announce general availability of Amazon Linux 2023 (AL2023) on Amazon Elastic Kubernetes Service (Amazon EKS). AL2023 is the next generation of Amazon Linux from Amazon Web Services (AWS) and is designed to provide a secure, stable, high-performance environment to develop and run your cloud applications. The standard AL2023-based EKS-optimized Amazon […]
Today is April Fool's Day. About 10 years ago, some tech companies would joke about an idea that was thought to be fun and unfeasible on April 1st, to the delight of readers. Jeff Barr has also posted seemingly far-fetched ideas on this blog in the past, and some of these have surprisingly come true! […]
Learn how the Service Mesh helps businesses to achieve compliance seamlessly while ensuring data security, better user access management and improved observability.
The ability of businesses to innovate is constantly reshaped by disruptive events and technological advancements. Recent global events, such as the pandemic and the rapid emergence of artificial intelligence (AI), have compelled companies across various industries to reevaluate and make crucial strategic pivots. One such move has been the embrace of cloud computing. It's a […]
With support for tags in the Backup and DR service, managing backups helps automate the protection of Compute Engine VMs.
Google Cloud Next will feature a robust security track this year. Here's 15 security-focused sessions you don't want to miss.
Continually reviewing your organization's incident response capabilities can be challenging without a mechanism to create security findings with actual Amazon Web Services (AWS) resources within your AWS estate. As prescribed within the AWS Security Incident Response whitepaper, it's important to periodically review your incident response capabilities to make sure your security team is continually maturing […]
Project post by Namkyu Park, Maintainer of LitmusChaos (LinkedIn | GitHub) This blog post provides step-by-step instructions for injecting chaos using LitmusChaos and managing it with Backstage.
Looking for a great new DevOps job? Check out these available opportunities at Visa, AWS and more!
Indian govt rescues 250 citizens trapped in Cambodia cyber scam rings. Victims were lured with fake jobs, then forced into illegal activities.
Fifteen years ago, Amazon CloudFront launched with 14 edge locations scattered around the world. Since then, it's been exciting to see how quickly we've grown to now having over 600 CloudFront Points of Presence (POPs) in more than 100 cities and 50 countries worldwide. We have continued to build and innovate, finding new ways to […]
CSA's draft white paper on organizational security responsibilities for AI offers actionable guidance for AI data security and vulnerability management.
Tech has a skills issue – and it's one that's not going away in 2024. Live team coaching can be an important part of the solution.
Traditional defense tactics don't always apply to cyber warfare. With EventSentry, bolster your network's defense with prevention, detection, and ongo
Android VPN apps hijacking devices, covertly turning them into proxy nodes for threat actors and fueling botnet operations.
Vultur Android banking trojan is back, stronger than ever. It steals sensitive data and remotely controls your phone.
eBPF, OIDC, A 20 year journey to fixing profiling, a platform maturity model and a range of other topics this week.
The observability waters have been muddy for awhile, and this article does a great job of taking a step back and building a definition — and a roadmap.
Review the definitions of 10 IAM terms, including authentication, authorization, Privileged Access Management, and Role Based Access Control.
Home is where the heart is. Or, if you're running Linux, it's where you mount the home directory. Here's how.
Malicious ads and fake websites are spreading dangerous malware that can steal your passwords, cryptocurrency, and other sensitive data.
This post goes over some practices for PKI implementation for an organization, such as AWS Private CA, Step CA with ACME, and Cert Manager
Secret backdoor found in XZ Utils compression library used by major Linux distros, like Fedora, Kali Linux, and openSUSE.
AWS Config enables businesses to assess, audit, and evaluate the configurations of their AWS resources by leveraging AWS Config rules that represent your ideal configuration settings. For example a Security Group that allows ingress on port 22 should be marked as noncompliant. AWS Config provides predefined rules called managed rules to help you quickly get […]
Amazon GuardDuty is a machine learning (ML)-based security monitoring and intelligent threat detection service that analyzes and processes various AWS data sources, continuously monitors your AWS accounts and workloads for malicious activity, and delivers detailed security findings for visibility and remediation. I love the feature of GuardDuty Runtime Monitoring that analyzes operating system (OS)-level, network, […]
Managing, maintaining and deploying applications and infrastructure securely and consistently remains an incredibly complicated challenge.
WebAssembly (Wasm) and eBPF are increasingly integrated in the under-the-hood workings of cloud native infrastructure.
Project post originally published on Kyverno's blog by Mariam Fahmy In the previous blog post, we discussed writing Common Expression Language (CEL) expressions in Kyverno policies for resource…
Security flaws found in Dormakaba's Saflok RFID locks used in hotels could turn your keycard into a master key.
Discover why traditional pentesting falls short in the cloud, and the importance of ACE principles in cloud security management.
A Tricentis survey found organizations could see massive costs savings by fully automating mobile application testing.
DevOps has a strong attachment to the IT operations of building and deploying software rather than to the design and coding phases.
Explore how AI's rise affects cybersecurity and compliance, addressing challenges and regulatory developments for future readiness.
The rise of low-code/no-code platforms in DevOps is reshaping the way software is developed and deployed throughout the life cycle.
TheMoon botnet, previously thought to be inactive, is back. Over 40,000 routers & IoT devices hijacked to power Faceless - a criminal proxy service.
A new Linux vulnerability puts user passwords at risk. It exploits the "wall" command to potentially leak passwords on Ubuntu & Debian systems.
Traditional pen testing: costly & infrequent. But with automation and AI, businesses can now affordably assess network security regularly.
Organizations using cloud services can comply with information security requirements by implementing the following controls.
Bad news for those who don't upgrade: Hackers keep finding vulnerabilities in software even after the application is no longer supported, Chainguard has found.
PyPI temporarily shut down new user sign-ups and project creation to combat a malicious malware upload campaign.
The LLM stack brings a different set of metrics than your team usually tracks. In this Makers episode, co-host Janakiram MSV identifies the new "golden signals."
At KubeCon Europe, we heard a lot about the current and future relationship of AI and Kubernetes, the orchestrator originally built to be stateless.
Deploying and managing infrastructure with all the dependencies is a challenging task. Complexity easily multiplies when you add multiple environments to the equation. Manual infrastructure management leads to valuable time spent deploying the infrastructure rather than adding business value. This is assuming that the deployment is successful without any errors in the first attempt. Infrastructure-as-Code […]
Developers have been using HTTP methods such as GET, POST, and DELETE for a significant period of time to interact with RESTful APIs. The widespread adoption of these methods is largely due to their user-friendliness. Users who are transitioning from on-premises NetApp storage to Amazon FSx for NetApp ONTAP can streamline their operations using its […]
In today's fast-paced digital landscape, the efficient management and accessibility of data stand as pivotal challenge for businesses. For a global team to efficiently collaborate on a project, they require a shared file storage that supports multiple protocols, robust data management features, and dependable data integrity. When deploying infrastructure repeatedly or in different environments, it […]
In the rapidly evolving digital era, effective data management and accessibility pose significant challenges for businesses. To foster seamless collaboration among global teams working on a project, there is a need for a shared file storage solution that accommodates various protocols, offers robust data management capabilities, and makes sure of reliable data integrity. When deploying […]
Linux users, beware. A nasty piece of malware named DinodasRAT is on the loose, targeting China, Taiwan, Turkey, and Uzbekistan.
Finland's Parliament was hacked! Police officially blame China's notorious APT31 cyber espionage group.
Platform engineering isn't solely about the tools and components but also about alignment within the organization and a special focus on understanding user needs.
If you're a network engineer or network security professional, check out these network and network security design sessions at Google Cloud Next '24.
In this newsletter, guest columnist Brian Roddy, vice president of security product management, gives you a preview of our Next conference.
Member post originally published on Netris's blog Public clouds have basically become identical. Most companies are paying way more for cloud infrastructure than they should. In a nutshell…
Beware of Darcula, a Phishing-as-a-Service platform targeting 100+ countries with over 20,000 fake domains.
Explainable AI (XAI) is dedicated to developing techniques that help us understand the reasoning behind an AI's output. Here are some examples.
Mirantis Container Cloud (MCC) will be retired as the company refocuses its support on large enterprise customers.
If you want to interact with Google Cloud through gcloud CLI or through code, you need to setup
Over 12,000 people joined us in Paris for KubeCon + CloudNativeCon Europe 2024 and while we talked about everything from artificial intelligence to sustainable computing, the biggest takeaway was the…
oin us for an exclusive webinar with experts from F5 DevCentral, OPSWAT, and THN. Dive deep into the current security landscape, compliance, threat de
Learn the steps to protect your custom-developed business-critical applications. Prevent your sensitive data from getting into the wrong hands.
Fermyon offers Kubernetes support to its Spin tool with the release of open source SpinKube and Fermyon Platform for Kubernetes.
By investing in open source frameworks and LGTM tools, SRE teams can effectively monitor their apps and gain insights into system behavior.
Community post by Seven Cheng | View part one here In the previous article, I gave an overview of Wasm's features and advantages. I also explained how to run Wasm modules within container environments.
Cognition Labs' Devin is creating a lot of buzz in the industry, but John Willis urges organizations to proceed with caution.
Researchers at ETH Zurich have cracked AMD Zen 2 & Zen 3 defenses against RowHammer attacks, naming their technique "ZenHammer".
he rush to release features often leads to shortcuts in security, exposing vulnerabilities through practices like hard-coding secrets.
Explore the urgent need for enhanced security visibility across hybrid cloud operations to mitigate vulnerabilities and streamline remediation.
Telegram's new Peer-to-Peer Login (P2PL) feature offers free premium membership but in exchange for using your phone number as a relay to send OTPs.
Analyze the traffic patterns on any public-facing website or web app, and you'll notice connection requests from all over the world. Apart from the intended traffic, a typical web application responds to requests from bots, health checks, and various attempts to circumvent security and gain unauthorized access. In addition to impacting your customer's experience, these […]
Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient's natural curiosity about being copied…
As the Chief Information Security Officer (CISO) at AWS, I'm personally committed to helping security teams of all skill levels and sizes navigate security for generative artificial intelligence (AI). As a former AWS customer, I know the value of hands-on security learning and talking in-person to the people who build and run AWS security. That's […]
Protecting against accidental or malicious deletion is a key element of data protection. Immutability protects data in-place, preventing unintended changes or deletions. However, sometimes it isn't clear for how long data should be made immutable. Users in this situation are looking for a solution that maintains short-term immutability, indefinitely. They want to make sure their […]
Many organizations are at risk of losing important business data due to disasters like fires, floods or cyber-attacks. Without proper backup and disaster recovery strategies, critical data could be lost forever in these scenarios. This could lead to costly downtime for businesses and damage to their reputation. Restoring normal operations after data loss takes time […]
While most app developers work for organizations that have platform teams, there isn't much consistency regarding where that team reports.
Generative artificial intelligence (AI) has captured the imagination of organizations and individuals around the world, and many have already adopted it to help improve workforce productivity, transform customer experiences, and more. When you use a generative AI-based service, you should understand how the information that you enter into the application is stored, processed, shared, and […]
Day Two DevOps is a phase in the SDLC that focuses on enhancing, optimizing and continuously improving the software development and deployment processes
Implementing authentication and authorization mechanisms in modern applications can be challenging, especially when dealing with various client types and use cases. As developers, we often struggle to choose the right authentication flow to balance security, user experience, and application requirements. This is where understanding the OAuth 2.0 grant types comes into play. Whether you're building […]
In part five of this series, hosts Alan Shimel and Mitch Ashley are joined by Bryan Cole (Tricentis), Ixchel Ruiz (Karakun AG) and Jeff Keyes (Planview)
A global survey suggests organizations are not making a lot of progress in their ability to truly observe application environments.
Indian government & energy sectors under attack. Hackers used phishing emails, weaponized 'HackBrowserData' malware to steal sensitive data.
Member post originally published on Ozone's blog by Amina Reshma Crack the Code: Ever wondered about developer experience, a.k .a. DevEx? Well, it's the whole shebang – the vibe, the tools…
Prioritizing the potential impact of a workload vulnerability starts with robust cloud workload protection and risk analysis.
Introduction The integration of Generative AI into cloud governance transforms AWS account management into a more automated and efficient process. Leveraging the generative AI capabilities of Amazon Bedrock alongside tools such as AWS Control Tower and Account Factory for Terraform (AFT), organizations can now expedite the AWS account setup and management process, aligning with best […]
CISA flags critical Microsoft SharePoint Server vulnerability under active attack. Patch immediately to protect your systems.
A now-patched vulnerability in Microsoft Edge could have allowed attackers to covertly install browser extensions without user consent.
This year's Valence Security report shows how cybercriminals are responding to the 'saasification' of the digital office.
So after 16 years, Stack Overflow Q&A is trying something brand new — another way to solicit helpful information outside of the site's long-standing question-and-answer format.
Backstage is a tremendously successful project that promotes a vision of how internal developer portals can alleviate the pain of sprawl.
Infrastructure is expanding in almost every possible way, and this creates more of a burden on every aspect of IT, specifically DevOps.
Despite SASE's strengths, it falls short against threats like phishing and malicious extensions. Learn why secure browser extensions are crucial for c
Researchers uncover active exploitation of a critical flaw in Anyscale Ray, a popular AI platform.
Learn about the EU AI Act, the first comprehensive artificial intelligence legislation, its impact today, and what it means for the future.
New phishing campaign uncovered by Trustwave SpiderLabs uses novel malware to deploy Agent Tesla, a notorious information stealer and keylogger.
Latest Cybersecurity reports unveil two China-linked APT groups targeting ASEAN nations in cyberespionage campaign over the past 3 months.
Organizations often need to store and serve various types of static content, such as data sets, archives, and file repositories, on the web. This content is typically accessed by end-users for research and analysis purposes or general content distribution. However, presenting this content in a user-friendly and easily browsable manner can be a significant challenge, […]
As we've innovated and expanded the Amazon Web Services (AWS) Cloud, we continue to prioritize making sure customers are in control and able to meet regulatory requirements anywhere they operate. With the AWS Digital Sovereignty Pledge, which is our commitment to offering all AWS customers the most advanced set of sovereignty controls and features available […]
The latest release of Java should make it easier for DevOps teams that build and deploy applications to innovate faster.
Suspicious NuGet package 'SqzrFramework480' discovered, potentially targeting devs using Chinese industrial tech. Package may be linked to industrial
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that…
Observability is about enabling every single engineer to proactively prioritize work efforts based on the analysis of data from all their systems and apps.
Implementing user authentication and authorization for custom applications requires significant effort. For authentication, customers often use an external identity provider (IdP) such as Amazon Cognito. Yet, authorization logic is typically implemented in code. This code can be prone to errors, especially as permissions models become complex, and presents significant challenges when auditing permissions and deciding […]
On January 24, we announced the availability of the AWS Well-Architected Migration Lens whitepaper. The Migration Lens extends the Well-Architected Framework to include best practices and implementation guidance you apply to your migration program across the three migration phases: Assess, Mobilize, and Migrate. The AWS Well-Architected Framework comprises design principles, and best practices across six […]
With an increasing focus on managing open-source software supply chain risk, both Citi and Google strive to apply more rigor across risk mitigation. Here's what we've learned.
Discover sensitive data and manage risks with Sensitive Data Protection for Cloud SQL. Here's what's new.
A selection of breakout sessions at Google Cloud Next '24 targeted at IT professionals.
Uncover the impact of Shadow AI on data privacy and intellectual property in SaaS applications, and explore solutions for mitigating related security risks.
KCD post by the KCD Italy Team The Kubernetes Community Days (KCD) Italy, a vibrant event supported by the CNCF, is back with a fresh twist. In 2024, the CNCF and the Linux Foundation required an…
This post is written by Robert Northard – AWS Container Specialist Solutions Architect, and Carlos Manzanedo Rueda – AWS WW SA Leader for Efficient Compute Karpenter is an open source node lifecycle management project built for Kubernetes. In this post, you will learn how to use the new Spot-to-Spot consolidation functionality released in Karpenter v0.34.0, […]
Uncover the pivotal role of cloud permissions within the MITRE ATT&CK Framework's Initial Access stage and strategies for mitigating related security risks.
Minecraft faces a growing threat from DDoS attacks, impacting over 500 million registered users. Learn how these attacks disrupt gameplay and what you
U.S. Department of Justice has unveiled indictments against seven Chinese nationals linked to the hacking group APT31.
A properly designed replication architecture can significantly impact the accessibility of your data and prevent management complications.
While 95% of developers and business leaders are familiar with cloud development environments (CDEs), the reasons for adoption vary.
Explore actionable security measures for Salesforce in light of a recent data exposure incident, emphasizing the prevention of vulnerabilities and misconfigurations.
US Treasury cracks down on cryptocurrency exchanges aiding Russia's sanctions evasion. Bitpapa, Crypto Explorer, and others sanctioned for facilitatin
CISA adds 3 security flaws to its Known Exploited Vulnerabilities catalog, citing active exploitation evidence
Cliff L. Biffle blogged a great write-up of a debugging odyssey at Oxide with the title Who killed the network switch? Here's the bit that jumped out at me: At the time that code was written…
Industries like automotive, robotics, and finance are increasingly implementing computational workloads like simulations, machine learning (ML) model training, and big data analytics to improve their products. For example, automakers rely on simulations to test autonomous driving features, robotics companies train ML algorithms to enhance robot perception capabilities, and financial firms run in-depth analyses to better […]
With so many storage tiers now available, it's vital to understand the differences between unstructured data migration and data tiering.
Azure Virtual Network Manager ensures that some critical security policies are enforced across your organization. Learn more.
AWS Summit season is starting! I'm happy I will meet our customers, partners, and the press next week at the AWS Summit Paris and the week after at the AWS Summit Amsterdam. I'll show you how mobile application developers can use generative artificial intelligence (AI) to boost their productivity. Be sure to stop by and […]
Member post by Fredric Newberg, CTO and Co-Founder of Embrace If you have a business-critical mobile app, you might be surprised to learn that your observability solution is dropping a large…
The dark web acts as a breeding ground for cyber threats. Cyber Threat Intelligence (CTI) provides strategic defenses against these hidden dangers.
There are no requirements for the length of SOC 2 period you select. It's based on your specific situation, but is typically three to twelve months.
Organizations need a scalable security orchestration framework that eliminates friction in DevSecOps workflows.
Russian state-backed hackers infiltrated Microsoft using a simple password spray attack. This breach highlights a major security lesson...
Sophisticated attack targets Discord bot site Top.gg + devs. Attackers stole browser cookies, pushed malicious code, and created fake Python packages.
Looking for a great new DevOps job? Check out these available opportunities at Nintendo, Hallmark and more!
The exponential growth of non-human identities has completely changed the identity access management landscape.
Read how Denmark's biggest media tech company has evolved from a focus on DevOps to one on improving and measuring developer experience.
Researchers uncover "GoFetch" vulnerability in Apple M-series chips, potentially allowing attackers to extract secret cryptographic keys.
Iran-linked hackers, MuddyWater, launch new phishing attacks against Israeli organizations.
Unreliable platform engineering, scaling databases, configuration management, software supply chain security and more this week. A good mix of interesting topics I think.
German authorities shut down Nemesis Market, an underground marketplace for drugs, stolen data, and cybercrime services.
Kimsuky shifts tactics, now using CHM files to deliver malware, targeting sensitive data globally.
Remember that cool lava lamp random number generator that Cloudflare uses? Now they have a couple of other sources of entropy, and they're teaming up with other companies.
Dive into the intricacies of CSA STAR Level 2, which includes both STAR Attestation (for SOC 2) and STAR Certification (for ISO/IEC 27001).
You don't always need third-party software to control multiple Linux servers — not when a bit of scripting magic can get the job done.
We look at Linear, a new project management tool that is certainly opinionated — about not adhering to the agile software philosophy.
Around 66 countries have agreed on what the term 'remote working' means, but some U.S. tech companies have decided otherwise.
ybersecurity firm Mandiant links recent cyber attacks on diplomatic entities to Midnight Blizzard, a group with ties to Russia's SVR.
The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move…
It's the last day, and so much has already happened! We've shown how amazing things can be created when we come together as a community. Here's a look at the highlights from day 4 of KubeCon +…
Architecting secure data transfer workloads is critical for today's businesses. Customers need to be sure that each end user can only access the minimally appropriate set of files and folders once authenticated to AWS Transfer Family. There are multiple Identity and Access Management (IAM) roles necessary when designing these authentication and access controls, and customers […]
By distributing tasks between the edge and the cloud, we can optimize AI applications for speed, efficiency, security and privacy.
Cloud Run volume mounts lets you mount a Cloud Storage bucket or NFS share to your Cloud Run service or job.
You can now monitor and set alerts for scaling limits on your Google Kubernetes Engine environment.
How Stanford researchers use Google Cloud data storage, computing and analytics to manage scientific data following DevOps principles.
HPC VM image makes it easy to build an HPC-ready VM instance for MPI workloads, and is now available with Rocky Linux 8 and CentOS 7 VMs.
When you migrate your Windows environment to Amazon Web Services (AWS), you might need to address certificate management for computers and users in your Active Directory domain. Today, Windows administrators commonly use Active Directory Certificate Services (AD CS) to support this task. In this post, we will show you how to migrate AD CS to […]
Uncover the critical security risks of non-human identities in cloud environments through a detailed analysis of supply chain attack techniques and strategies for robust defense.
Researchers at Palo Alto Networks Unit 42 uncover a new wave of phishing attacks delivering StrelaStealer malware, impacting over 100 organizations in
A now-patched vulnerability in AWS Managed Workflows for Apache Airflow (MWAA) could have allowed attackers to hijack sessions & execute code remotely
OpenTelemetry maintainers added profiling capabilities so DevOps teams can identify the root cause of issues down to a specific line of code.
Learn how to navigate FedRAMP Rev 5's new red team requirement with our guide on performing compliant internal exercises, ensuring your cloud services meet stringent security standards.
This blog post details how to run chaos experiments for serverless applications built using Lambda. The described approach uses Lambda extension to inject faults into the execution environment. This allows you to use the same method regardless of runtime or configuration of the Lambda function.
Any comprehensive approach to observability needs to include an analysis of the network services upon which organizations depend.
Over 39,000 WordPress sites have fallen victim to the Sign1 malware campaign in just 6 months, redirecting unsuspecting users to scam sites through ma
China-linked threat group aggressively exploits software flaws in Connectwise ScreenConnect & F5 BIG-IP.
Edge computing will drive a long-overdue convergence of DevOps, data engineering, security, networking, OT and MLOps best practices.
Introducing the ThreatLocker® Zero Trust Endpoint Protection Platform: Elevate your organization's cyber defense with policy-based controls.
Explore the concept of architecture drift: what it is, why it matters, and how application security posture management (ASPM) can help.
As we gear up to celebrate the remarkable 10-year journey of Kubernetes, we are thrilled to announce an exciting opportunity for the creative minds in our vibrant community. It's time to capture the…
CNCF is excited to announce the launch of the new Kubestronaut program. A Kubestronaut is someone who has passed all five of CNCF's Kubernetes-related certifications: Certified Kubernetes…
U.S. Department of Justice and 16 state AGs have filed a lawsuit against Apple, accusing it of maintaining an illegal smartphone monopoly.
AcidPour malware targets four telecom providers in Ukraine, linked to AcidRain and Russian military intelligence operations.
Running Ray on GKE takes advantage of existing global Google infrastructure components like Identity-Aware Proxy (IAP), for a more secure deployment.
Starting today, administrators of package repositories can manage the configuration of multiple packages in one single place with the new AWS CodeArtifact package group configuration capability. A package group allows you to define how packages are updated by internal developers or from upstream repositories. You can now allow or block internal developers to publish packages […]
It's a time of more: more data, more workloads, and more powerful technologies. So it's critical to ask ourselves how cloud native can help improve our environmental footprint. Here's what we heard at…
AWS recently announced support for mutually authenticating clients that present X509 certificates to Application Load Balancer (ALB). In this post, we discuss options for implementing this new feature, and things to consider while implementing. ALB operates at the application layer (layer 7 in the OSI model) and load balances incoming HTTP/HTTPS requests to backend targets. […]
In 2022, we launched AWS CloudTrail Lake, an immutable managed data lake designed to simplify audit, security, and compliance investigations by capturing, storing, and analyze AWS user and API activities. By providing immutable storage for your activity logs, CloudTrail Lake protects the integrity of your audit data by providing read-only access. CloudTrail Lake integrates seamlessly […]
CDE technology is driving the fastest DevOps transformation trend today with the entire cloud native development industry moving development environments online.
Grounded in Kubernetes 1.28 and CRI-O 1.28, OpenShift is Red Hat's platform for hybrid cloud and edge application development.
Russian threat group Turla strikes again! NGO in Europe hit with TinyTurla-NG backdoor.
Learn how to migrate your Windows Server to Azure with these expert resources—and maximize your business potential.
Now you can use NetApp's high-performance storage with your Google Cloud VMware Engine deployment.
New report reveals 800+ packages in the npm registry contain hidden code discrepancies.
Heinrich Smit has worked with CSA extensively over the years, collaborating with other experts on Zero Trust training and research.
Learn how Red Hat Enterprise Linux on Azure maximizes return on investment
Researchers uncover AndroxGh0st, a tool targeting Laravel apps to steal sensitive data from .env files, affecting AWS & Twilio accounts.
The SEC's Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rule is much harder to understand than people anticipate.
With the explosion of SaaS applications in the modern workplace, IT and security teams often struggle to keep up with vendor risk assessments.
DevSecOps requires teams to collaborate and enable the organization to deliver safer applications to customers without compromising security.
Generative AI can help address the challenges of unifying diverse testing needs into a single continuous testing platform.
Powered by GitHub Copilot and CodeQL, the new autofix feature covers 90% of alert types in JavaScript, TypeScript, Java, and Python.
Discover how CISOs and sewer engineers tackle complex system challenges using innovative cloud solutions like SASE for improved security and efficiency.
Breaking down OT cyber-attacks: Not all are complex! A new report delves into the types, historical trends, and what the future may hold for operation
U.S. Treasury announces sanctions against two Russian nationals & their companies for running cyber influence ops.
Atlassian has issued patches for over 25 security issues, including a critical SQL injection bug (CVE-2024-1597) in Bamboo Data Center & Server.
Ivanti announces critical RCE flaw in Standalone Sentry (CVE-2023-41724) with a high-risk CVSS score of 9.6.
Have your applications hosted on AWS ever experienced inter-Region or inter-Availability Zone (AZ) latency and you wanted to be proactively notified on these latency changes? This blog post describes an automated mechanism to set up those alarms. AWS has introduced the ability to understand the performance of the AWS Global Network by introducing Infrastructure Performance, […]
The open source team behind this observability software package take pride in its simplicity and easy scalability.
Video encoding and transcoding are critical workloads for media and entertainment companies. Delivering high-quality video content to viewers across devices and networks needs efficient and scalable encoding infrastructure. As video resolutions continue to increase to 4K and 8K, GPU acceleration is essential to real-time encoding workflows where parallel encoding tasks are necessary. Although encoding on […]
Amazon Payment Services (APS) is a payment service provider in the Middle East and North Africa. With its secure and seamless payment experience, it empowers businesses to build their online presence. Amazon Payment Services is based on a broad and complex microservice based architecture that are dependent on multiple AWS services, including Amazon Elastic Compute […]
We had an exciting and busy start to KubeCon + CloudNativeCon Europe 2024. Here's a look at some of the key moments of the day (and, spoiler alert: AI was the subject of a lot of conversation).
AI may never be a cure-all for observability, but it can certainly be a valuable companion.
Learn how NetRise uses large language models and Google-managed Cloud SQL for efficient vulnerability detection and code origin tracing.
Google Cloud is releasing an updated and stronger set of security defaults that can be implemented with Organizational Policies.
Researchers uncover a new DoS attack vector targeting UDP-based application protocols, potentially endangering hundreds of thousands of hosts.
Identity is the perimeter in the cloud. Identity security must be the foundation for a robust cloud security program.
This post is co-written with Dr. Jens Kohl, Daniel Engelhardt, and Sascha Kallin from BMW Group. The BMW Group – headquartered in Munich, Germany – is a vehicle manufacturer with 149,000 employees worldwide and manufactures in over 30 production and assembly facilities across 15 countries. Today, the BMW Group (BMW) is the world's leading manufacturer […]
Mastering cloud-native security: Essential insights on managing the expanded attack and detection surfaces in the public cloud, driving innovation safely.
Multiple threat actors exploit security flaws in JetBrains TeamCity to deploy ransomware, crypto miners, Cobalt Strike beacons, and Spark RAT
Generative AI is revolutionizing industries, but not without its challenges. A security breach could mean exposure of sensitive data.
Trellix is a global company redefining the future of cybersecurity. The company's open and native extended detection and response (XDR) platform helps organizations confronted with today's most advanced threats gain confidence in the protection and resilience of their operations. Trellix's security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning (ML) […]
For the most part, the demand for new technology to solve age-old problems has been a net increase in workload.
Empowering secure digital transformations: Uncover essential insights on mitigating Apache ActiveMQ vulnerabilities and combatting sophisticated cyber threats.
New threat: BunnyLoader 3.0 malware variant emerges with advanced modules for data theft, keylogging, and evasion tactics.
We are excited to announce that together with Linux Foundation Training and Certification, we now offer four additional courses to our community. Argo provides a robust framework for managing complex…
Ukraine Cyber Police have arrested 3 individuals linked to the hijacking of over 100 million email & Instagram accounts worldwide.
U.S. EPA creates Water Sector Cybersecurity Task Force to protect critical critical infrastructure against increasing cyberattacks.
Commerzbank explains how VPC Service Controls have helped them keep their sensitive data secure while using built-in Google Cloud storage and data processing capabilities.
It's not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts…
The new commercially-available MinIO Enterprise Object Store addresses the challenges of managing billions of objects in an exabyte scale namespace.
This is part 3 of a series of posts on securing generative AI. We recommend starting with the overview post Securing generative AI: An introduction to the Generative AI Security Scoping Matrix, which introduces the scoping matrix detailed in this post. This post discusses the considerations when implementing security controls to protect a generative AI […]
How to use Dapr, Knative Serving, and Dagger to build custom (and polyglot) developer experiences optimized for specialized workflows.
By combining automation and cultural transformation, organizations can unlock the full potential of DevSecOps.
If you couldn't get to KubeCon + CloudNativeCon Europe 2024 this year, we've got you covered. Here are highlights from the first day, which included a number of exciting co-located events.
Shocking report from Imperva finds API-related security incidents cost global businesses around $75 billion annually. Cybercriminals are exploiting AP
"We're going to invent a new way for you to receive and operate software," Nvidia CEO Jensen Huang proclaimed at this week's GTC.
The Microsoft Azure Container Networking team is excited to announce Retina, a cloud-native container networking observability platform. Learn more.
As the threat landscape evolves, you can use Google Cloud Armor to build a comprehensive DDoS mitigation strategy. Here's how.
Learn how KubeRay and Kueue can orchestrate Ray applications running on GKE using either priority or gang scheduling.
With automated installation of NVIDIA GPU drivers, it's easier than ever to add GPUs to AI workloads running on Google Kubernetes Engine (GKE).
To operate websites, mobile apps, or services accessible to public users in China, companies should complete internet content provider (ICP) recordal and host systems on local servers or approved cloud servers located in mainland China. Amazon Web Services (AWS) offers AWS China Regions, two Regions situated in China that allow customers to host websites and […]
For security teams, actively involving the Line of Business in your Zero Trust initiative will make all the difference.
Public IPv4 addresses have been a scarce resource going all the way back to 2011, when the Internet Assigned Numbers Authority (IANA) distributed the last block of unallocated public IPv4 addresses. Alongside, the private IPv4 range carved out by RFC1918 has also been too small for large networks and deployments, like containers that consume a […]
TestifySec's Witness aims to provide a solution to a problem that's long plagued DevOps teams: Communication and documentation in workflows.
Generative AI can modify malware source code to bypass string-based detection, significantly lowering the rates at which they're caught, according to
This week at KubeCon + CloudNativeCon EU in Paris, we are announcing the release of Fluent Bit v3, which includes several new features as well as performance enhancements. The release adds support…
Discover key cybersecurity strategies for protecting your organization against emerging email threats in 2024.
A JFrog survey found that 60% of IT professionals typically spend four days or more remediating application vulnerabilities in a given month.
New SEC Cyber Disclosure Rules demand more transparency on cyber risk management. Is your company ready to comply and showcase its cybersecurity resil
Cybercriminals are now using digital document publishing sites like FlipSnack, Issuu, and Marq for phishing and credential theft.
Explore the distinction between AI security and AI safety. AI security safeguards systems, while AI safety considers human well-being and ethics.
New "AcidPour" malware unleashed, targeting Linux x86 systems. This dangerous variant of the notorious AcidRain wiper can destroy your data.
Cross-post from the Cloud Native Sustainability blog by Antonio di Turi, Imma Valls, Kristina Devochko, Leonard Pahlke, Niki Manoledaki, Ross Fairbanks Cloud computing has a significant environmental…
Project announcement by Istio Maintainers The upcoming 1.22 version of Istio brings the Layer 4 features of the sidecar-less service mesh architecture to production readiness Istio…
The AI Working Group is pleased to announce the AI Working Group's Cloud Native AI whitepaper, which presents a brief overview of the state-of-the-art AI/ML techniques, followed by what cloud native…
Project post by Prithvi Raj, Community Manager, LitmusChaos + Saranya Jena, Maintainer, LitmusChaos With the cloud native community increasingly adopting more services and deployments…
We are excited to announce the availability of the OpenFeature Web SDK v1. The Web SDK represents a culmination of years of research and industry consensus. It was built from the ground up to be…
Project announcement by OpenTelemetry maintainers In 2023, OpenTelemetry announced that it achieved stability for logs, metrics, and traces. While this was our initial goal at the formation of the…
As containers and cloud native artifacts become common deployment units, users want to make sure that they are authentic in their environments. Notary Project is a set of tools and specifications…
New phishing attacks target US organizations. Hackers use NetSupport RAT to steal data & control computers.
Moldovan national gets 3+ years in US prison for running E-Root Marketplace, a massive platform selling stolen login details.
Overview In this blog post, we describe how to use Amazon Athena with Amazon CloudWatch Internet Monitor's measurement information stored on Amazon S3. You can use Athena to analyze event logs, and then build a dashboard to visualize the measurement logs and gain insights by using Amazon QuickSight. Internet Monitor publishes measurements to CloudWatch Logs […]
In today's fast-paced digital world, users expect fast and reliable web experiences. Slow-loading pages, errors, and other performance issues can lead to lower engagement and conversion rates, ultimately hurting a business's bottom line. That's where Real User Monitoring (RUM) comes in. Real User Monitoring (RUM) is a crucial aspect of modern web application development, allowing developers and […]
GKE is a foundational platform to run AI / ML workloads. NVIDIA NeMo framework on GKE demonstrates ease of provisioning infrastructure, building and customizing generative AI models for your environment.
Chainguard's secure Developer Images will now be available via Docker Hub as part of the Docker Verified Publisher program.
JetBrains introduces a new SaaS CI/CD tool called TeamCity Pipeline. It's available in public beta and features built-in optimizations.
New cyberattack campaign, DEEP#GOSU, uses PowerShell & VBScript to target Windows systems.
Storage, storage, storage! Last week, we celebrated 18 years of innovation on Amazon Simple Storage Service (Amazon S3) at AWS Pi Day 2024. Amazon S3 mascot Buckets joined the celebrations and had a ton of fun! The 4-hour live stream was packed with puns, pie recipes powered by PartyRock, demos, code, and discussions about generative […]
A conversation with Google Cloud Champion Innovator Rohan Singh on the future of infrastructure modernization.
The recognition of Google as a Leader in The Forrester Waveâ¢: AI Infrastructure Solutions, Q1 2024 is a testament to our track record and vision.
Assured Workloads can help you ensure comprehensive data protection and regulatory compliance with folders that support your compliance requirements. Here's how.
Using GKE to run your Ray AI workloads can deliver scalability, cost-efficiency, fault tolerance, isolation, and portability benefits.
Cross-posted from the cert-manager blog In late 2023 the cert-manager project began a security audit, sponsored by the CNCF and carried out by the team at Ada Logics, as part of the ongoing effort for…
Member post originally published on Sparkfabrik's blog by SparkFabrik Team The European Union (EU) has recently demonstrated a proactive stance towards cybersecurity regulation…
An effective, AI-aware security testing program can pick up on many potential risks and help teams patch vulnerabilities.
Learn how Microsoft Dev Box can help organizations "achieve massive improvements in developer productivity" according to the benchmark report by GigaOm.
Fortra patches critical flaw in FileCatalyst transfer tool. Vulnerability allows remote code execution via directory traversal.
Researchers uncover a sophisticated malware campaign using fake Google Sites pages and HTML smuggling to distribute AZORult, a notorious info stealer.
Orca Security has released the 2024 State of Cloud Security Report. Here's an overview of the main findings and statistics.
Looking for a great new DevOps job? Check out these available opportunities at the NHL, Hard Rock Digital, Zscaler and more!
Saudi Arabia's ECC represents a pivotal advancement in national cybersecurity, setting a new standard for compliance and protection in the Middle East.
Over 10,300 sites at risk due to a vulnerability in miniOrange plugins allowing unauthenticated password changes and admin access.
IBM X-Force uncovers extensive phishing campaigns by APT28, targeting Europe, the South Caucasus, Central Asia, and the Americas.
Gamedays as a technique for testing and improving performance and stability, pitfalls with measuring developer productivity, serverless databases, new code editors and more. A range of topics more than any theme this week.
The PGA TOUR is the world's premier membership organization for touring professional golfers, co-sanctioning tournaments on the PGA TOUR along with several other developmental, senior, and international tournament series. The PGA TOUR is passionate about bringing its fans closer to the players, tournaments, and courses. They developed a new mobile app and the PGATOUR.com website […]
They cover incidents from GitLab, Tarsnap, Roblox, and Cloudflare with great summaries and takeaways.
Cognition Labs previewed Devin, which it describes as the world's first software engineer based on artificial intelligence (AI).
Researchers at G DATA have exposed a scheme dubbed "gitgub" on GitHub, where 17 repositories were delivering the information stealer, RisePro.
We walk you through the installation and setup of Borgmatic, so your servers will be backed up when disaster strikes.
I'm finally trying to read through some Toyota-related books to get a better understanding of the lean movement. Not too long ago, I read Sheigo Shingo's Non-Stock Production: The Shing…
If you've spent time migrating non-AWS Terraform templates to the Amazon Web Services (AWS) Cloud, you know it can be a time-consuming, manual process with ample room for error. Most organizations would rather allocate engineering resources toward higher-value, more impactful initiatives such as cloud modernization. With all the latest rage about generative artificial intelligence (AI), […]
New CPU attack, "GhostRace" discovered. Exploits speculative execution + race conditions to steal sensitive data.
Analyzing and automating processes, infusing them with AI, and adopting a more intelligent approach to data management are the keys to achieving this objective.
CISO Phil Venables highlights the importance of developing psychological resilience in cybersecurity leadership, from our newest Perspectives on Security for the Board report.
Using Persistent Disk Async Replication for Windows Server disaster recovery minimizes costs, speeds up recovery, and minimizes manual intervention.
Learn how CISOs, security teams, and developers can communicate more effectively to drive overall business outcomes together.
Community post by Junya Okabe, Kaito Ii, and Nao Nishijima Japanese is the national language of Japan and is used daily by approximately 120 million people in Japan. It uses hiragana, kanji…
Ambassador post originally published on Medium by Yoshiyuki Tabata The era of Web 3.0 is upon us, and with it might come a shift in how we manage our digital identities.
As quiet as it's kept, Fly.io is creeping up on PaaS providers and the Big 3, amassing a large base of developers and forming strategic partnerships.
Here are several authorization features that may lead to authorization drift. Use explicit-deny over implicit-deny to avoid this.
In the world of software development, the integration of security into the software development life cycle (SDLC) is no longer a luxury.
Cybersecurity experts have uncovered new vulnerabilities in #ChatGPT's third-party plugins, posing a significant risk to user data and account.
Azure cross-tenant synchronization introduced a new attack surface on Microsoft Entra ID where attackers can move to a partner tenant or existing tenant.
Google announces a major upgrade to Safe Browsing! Real-time, privacy-preserving URL checks are now on Chrome for desktop & iOS.
Chinese users searching for Notepad++ & VNote on engines like Baidu face malicious ads leading to fake versions with trojans.
The data privacy company Onerep.com bills itself as a Virginia-based service for helping people remove their personal information from almost 200 people-search websites. However, an investigation into the history of onerep.com finds this company is operating out of Belarus and…
This tutorial will teach you how to set up a Go programming environment and write your first Golang program.
Google Cloud network observability partner ecosystem continues to expand with new network performance monitoring (NPM) partners and solutions.
Cloud HPC Toolkit's new ML blueprint spins up a HPC system on GPU-based A3 VMs that's designed for LLMs and other AI/ML workloads.
Today is AWS Pi Day! Join us live on Twitch, starting at 1 PM Pacific time. On this day 18 years ago, a West Coast retail company launched an object storage service, introducing the world to Amazon Simple Storage Service (Amazon S3). We had no idea it would change the way businesses across the globe […]
Member post by Sergey Pronin, Percona Before joining Percona almost 4 years ago I was a strong believer of the "Kubernetes is for stateless" and 12-factor apps approach. But there are two north stars…
2023 presented more cyber attacks than ever before, with more complex attack chains. Here are some key TTP highlights from 2023 you should know about.
CircleCI added a release orchestration capability to its namesake CI/CD platform to give developers more control over app deployments.
Mikhail Vasiliev, a 34-year-old Russian-Canadian, sentenced to nearly 4 years in jail for his role in the LockBit ransomware operation.
Amazon Virtual Private Cloud (Amazon VPC) endpoints, powered by Amazon Web Services (AWS) PrivateLink, can be used to privately connect your applications to AWS services as if they were in your VPC. For enterprises that use many AWS services, it may be difficult to understand which services are being used most often and therefore can […]
lamNote: To learn more about Amazon Route 53 Application Recovery Controller (Route 53 ARC), we recommend you read Part 1 and Part 2 of the series, and try out the examples. It demonstrates how the ARC service allows you to coordinate failovers and the recovery readiness of your application. In this blog post, we provide […]
Amazon EventBridge helps developers build event-driven architectures (EDA) by connecting loosely coupled publishers and consumers using event routing, filtering, and transformation. CloudEvents is an open-source specification for describing event data in a common way. Developers can publish CloudEvents directly to EventBridge, filter and route them, and use input transformers and API Destinations to send CloudEvents […]
As the year rolls on, here are a few key DevOps trends, from Apple Silicon to remote work to security, to watch for in 2024.
Delve into the multifaceted approach required to safeguard your business, including cybersecurity, phishing awareness, and network security.
Ramp plans are becoming a vital tool for containing cloud resources as companies try to control cloud sprawl and spending.
A high-severity flaw in Kubernetes, CVE-2023-5528, has been patched. This vulnerability allowed attackers remote code execution with SYSTEM privileges
AI's increasing integration into the wider DevOps framework will bring about significant changes in the way we approach software development.
CISOs globally are turning to Cato SSE 360 for seamless SASE and SSE transitions, achieving top results in visibility, threat prevention, and data sov
Protecting your business from BEC attacks is crucial. Learn about cybersecurity, IAM, and cloud security to stay ahead of cyber threats.
RedCurl cybercrime group found exploiting Windows Program Compatibility Assistant for malicious activities. This sophisticated method allows attackers
Blind Eagle expands its cyber attack realm! Now targeting North America's manufacturing sector with phishing emails.
A new DarkGate malware campaign uses a recently patched #MicrosoftWindows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.
Fortinet warns of a severe flaw in FortiClientEMS allowing attackers to execute code remotely. CVE-2023-48788 has a CVSS score of 9.3.
Starting today, you can use InfluxDB as a database engine in Amazon Timestream. This support makes it easy for you to run near real-time time-series applications using InfluxDB and open source APIs, including open source Telegraf agents that collect time-series observations. Now you have two database engines to choose in Timestream: Timestream for LiveAnalytics and […]
Last week, Anthropic announced their Claude 3 foundation model family. The family includes three models: Claude 3 Haiku, the fastest and most compact model for near-instant responsiveness; Claude 3 Sonnet, the ideal balanced model between skills and speed; and Claude 3 Opus, the most intelligent offering for top-level performance on highly complex tasks. AWS also […]
Users have successfully leveraged Amazon Web Services (AWS) Snow Family to transfer petabytes of data between on premises and AWS Regions since its launch in 2015 with the AWS Snowball device. Increasingly, users are not just migrating data with the AWS Snow Family but now are using AWS Snowball Edge Compute Optimized devices to host […]
From the perspective of the ecosystem, OpenTofu's game-changing "credibility potential" could play a critical role in ushering in a universal standard.
Limitations of 3 popular tools in cyber security and a comprehensive look at what it takes to prevent malware threats in today's ever-evolving file up
New Dataflow streaming committed use discounts (CUDs) let you save 20% for a one-year commitment, or 40% for a three-year commitment.
We're excited to announce a slew of graduated project updates. Read on for some, but not all, of the latest news from the project teams, or get the comprehensive details on the video (which will…
Learn crucial strategies for enhancing HIPAA compliance and securing patient data to prevent healthcare breaches and maintain trust.
Flox's open source CLI tool enables developers to more easily spin up multiple custom development environments.
IBM reports a new evasion technique by PixPirate Android trojan targeting Brazilian users. The malware now hides its icon, making it undetectable on v
Organizations are increasingly turning to on-premise and hybrid-based digital trust solutions. Explore the factors driving this shift.
It's often challenging to adopt modern DevOps practices around infrastructure-as-code (IaC). Here's how to make the journey smoother.
Elastic is collaborating with OpenTelemetry across various areas, not solely on profiling but also on the common schema and the semantic convention.
If you have issues with Jenkins, look around. There are options. Find the best CI tool for you, not just the most convenient.
From Humans to Bots: Every Identity in Your SaaS App Could Be a Backdoor for Cybercriminals. Join an informative webinar on identity risks in SaaS app
Explore the impact of cybersecurity regulations like GDPR on consumer protection, and learn practical tips for enhancing online safety and privacy.
A new phishing campaign uses a Java-based downloader to distribute VCURMS & STRRAT RATs, leveraging public services like AWS & GitHub for malware host
Google's Gemini large language model faces vulnerabilities that could lead to security breaches, including leaking system prompts & generating harmful
How can platform engineering ease the way for enterprise cloud migration and DevOps, a decade or more into stalled legacy system modernization?
Happening on 19 March 2024 in Paris Co-chairs: Bartlomiej Plotka and Sonia Singla ThanosCon Europe is a day to learn about the work being put into the project by the community and all the rapid…
Microsoft releases Patch Tuesday updates to patch 61 new vulnerabilities, including privilege escalation flaws in Azure, Windows, & Authenticator.
With the rise in data sovereignty and privacy regulations, organizations are seeking flexible solutions that balance compliance with data sovereignty regulations and the agility of the cloud. For example, to comply with data sovereignty regulations, users in the financial and healthcare industries need to deploy applications on premises and store data locally. To provide the […]
InterSystems IRIS is a cloud-based data platform optimized for high-throughput applications that must simultaneously process transactions and a range of analytics, including analytic SQL, business rules, and machine learning. Users use the InterSystems IRIS Data Platform to rapidly develop and deploy critical applications. InterSystems recommends that users consider several backup methods, such as external backups, […]
At re:Invent in 2023, AWS announced Infrastructure as Code (IaC) support for Amazon CodeWhisperer. CodeWhisperer is an AI-powered productivity tool for the IDE and command line that helps software developers to quickly and efficiently create cloud applications to run on AWS. Languages currently supported for IaC are YAML and JSON for AWS CloudFormation, Typescript and […]
We're excited to announce that Amazon Web Services (AWS) has completed the annual Dubai Electronic Security Centre (DESC) certification audit to operate as a Tier 1 cloud service provider (CSP) for the AWS Middle East (UAE) Region. This alignment with DESC requirements demonstrates our continuous commitment to adhere to the heightened expectations for CSPs. Government […]
Most people think of disaster recovery as a mechanism to protect their applications against big events. However, in the fast-paced world of development where new code and infrastructure changes are occurring several times a month, it is important to put mechanisms in place to proactively understand impacts to the resilience posture of your applications. In […]
Community blog by Seven Cheng WebAssembly (Wasm) was originally created for the browser, and it has become increasingly popular on the server-side as well. In my view…
As the market continues to mature, both founders and investors need to evolve their thinking to ensure the long-term success of open source businesses.
Amazon Web Services (AWS) is pleased to announce the publication of our annual compliance assessment report on the Information Assurance Regulation (IAR) established by the Telecommunications and Digital Government Regulatory Authority (TDRA) of the United Arab Emirates (UAE). The report covers the AWS Middle East (UAE) Region. The IAR provides management and technical information security […]
Happening on 19 March 2024 in Paris Co-chairs: Tina Tsou and Mars Toktonaliev Kubernetes on Edge Day Europe is a celebration of the fact that edge computing is here and it's powered by Kubernetes. We'…
Celebrate CSA's 15th anniversary with this interview of Larry Whiteside Jr., CISO at RegScale and longtime CSA collaborator and supporter.
Project post by Prithvi Raj, Community Leader, LitmusChaos KubeCon + CloudNativeCon EU 2024 kicks off in the beautiful and mesmerising city of Paris a week from now from March 19-22.
Here's all you need to know about GCP Organization Policies and how to leverage them to centralize control over your environment.
Security Command Center Enterprise is the first multicloud risk management solution that fuses AI-powered SecOps with cloud security.
The integration of AI and ML in testing is a fundamental shift in how we approach software quality and reliability in DevOps environments.
7 malicious packages found on PyPI designed to steal wallet recovery phrases.
Artificial intelligence (AI) and machine learning (ML) are powerful tools in the realm of continuous testing the SDLC.
Curious about CTEM? It's not just a buzzword—it's a proactive strategy to identify, prioritize, and mitigate cyber risks.
Organizations should consider security when designing applications in the cloud, including access management, network security, and more.
The creator of PostgreSQL has teamed with the creator of Apache Spark to build a cloud OS on top of a distributed database, aiming to offer better security and less management complexity than the Linux/K8s combo so widely-used today.
WordPress sites under attack! A new malware campaign exploits Popup Builder plugin vulnerability (CVE-2023-6000) infecting over 3,900 sites
For the first time, a South Korean national, Baek Won-soon, has been detained in Russia on cyber espionage charges, now transferred to Moscow for furt
Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple's new macOS Sonoma addresses at least 68 security weaknesses, and…
Introduction Selecting your first workloads to migrate your organization to AWS is a key stage in delivering a successful migration. In this blog post we provide guidance on how to select early migration candidates. We cover how selecting these candidates can help to kick-off a successful migration, reduce risk, and build skills inside your organization. […]
Amazon Web Services (AWS) is excited to announce that AWS Wickr has achieved Federal Risk and Authorization Management Program (FedRAMP) authorization at the High impact level from the FedRAMP Joint Authorization Board (JAB). FedRAMP is a U.S. government–wide program that promotes the adoption of secure cloud services by providing a standardized approach to security and […]
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from…
As AI integrates with cybersecurity, the need for AI training and standards grows. Here's how we can ensure a resilient digital infrastructure.
A week before KubeCon Taylor Dolezal, head of ecosystem and AI for the Cloud Native Computing Foundation, discusses how the CNCF is setting the stage for production-ready AI.
Hosting Kubernetes control planes as pods can enable (and simplify) operations for multicluster and Edge use cases. But, bring along some new requirements and concerns. And standards may be slow in coming.
Cross-posted from the Istio blog Announcing the latest member of the CNCF family of mascots. Having sailed into, and proudly graduated within the Cloud Native Computing Foundation in 2023…
Hear our security experts share strategies for fortifying your security posture and bolstering resilience to cyber threats at the first Security Talks of the year on March 13. Sign up today.
Introduction AWS CloudFormation customers often inquire about the behind-the-scenes process of provisioning resources and why certain resources or stacks take longer to provision compared to the AWS Management Console or AWS Command Line Interface (AWS CLI). In this post, we will delve into the various factors affecting resource provisioning in CloudFormation, specifically focusing on resource stabilization, which allows […]
Last Friday was International Women's Day (IWD), and I want to take a moment to appreciate the amazing ladies in the cloud computing space that are breaking the glass ceiling by reaching technical leadership positions and inspiring others to go and build, as our CTO Werner Vogels says. Last week's launches Here are some launches […]
Member post originally published on the Last9 blog by Prathamesh Sonpatki A detailed checklist of points you should consider before choosing a monitoring system By virtue of being a 'managed'…
Hackers are getting creative with CHAVECLOAK. This malware can block screens, log keystrokes, and even show fake pop-up windows to steal banking login
Cyber threats are escalating, making Privileged Access Management essential. Meet One Identity PAM Essentials: a cloud-based solution prioritizing sec
Learn how to protect Microsoft Azure from sophisticated cyberattacks with actionable security strategies for risk management and data safety.
Community post originally published on Medium by Maryam Tavakkoli Having attended my first in-person KubeCon + CloudNativeCon in Amsterdam in 2023, I gained invaluable insights that differed from my…
Ingy döt Net is brewing up a scripting language that brings to YAML all the programming capabilities many assumed it already had.
AI's impact on cybersecurity: unlocking potential while navigating threats, privacy, and the critical role of human oversight.
The applications for enhancing security observability with eBPF are vast, and it's increasingly valuable for DevSecOps use cases.
It's time for a data security makeover! Say goodbye to on-prem solutions and hello to Browser DLP. @LayerX's guide reveals the path forward.
Looking for a great new DevOps job? Check out these available opportunities at Broadcom, CGI, EY and more!
Learn from 1Password, BeyondTrust, Cloudflare, & Okta breaches: Key takeaways on Zero Trust, SaaS governance, and data security risks.
Hackers leveraging JetBrains TeamCity flaws to propagate BianLian ransomware attacks
Progress OpenEdge has a severe authentication bypass flaw (CVE-2024-1403). This could grant hackers unauthorized access.
Magnet Goblin, a threat group known for fast exploitation of 1-day vulnerabilities, targets edge devices & public servers to deploy malware.
VTEX is a multi-tenant platform with a distributed engineering operation. Observing hundreds of services in real time in an efficient manner is a technical challenge for the business. In this blog, we will show how VTEX created a resilient open source-based architecture aligned with a sharding strategy, using Amazon Managed Service for Prometheus (AMP) to […]
Build tools, API observability, eBPF, managing development environments and some comedic relief this week.
By way of the Tab key, Bash Completion can autocomplete your thorniest Linux and Docker commands. Here's how to set it up.
Russian hackers 'Midnight Blizzard' have accessed Microsoft's source code and internal systems. The state-sponsored group is actively exploiting stol
Do you need to capture terabytes or petabytes of data from the field, but struggle to offload the data efficiently, keep up with storage capacity, and maintain equipment in extreme environmental conditions? We commonly hear these challenges from customers who are capturing data in remote locations for future analysis. It is time consuming to offload […]
Organizations continue to grow their data lakes in the cloud as they build out new and innovative analytics, machine-learning, and generative AI workloads. At the same time, these workloads often access data that requires compliance with stringent data security and privacy standards. These compliance frameworks typically specify additional requirements for encryption at-rest, which leads customers […]
Member post originally published on the InfraCloud blog by Atulpriya Sharma A team of DevOps professionals working at DevOpsX had high expectations from the platform their organization just launched.
If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data…
A HijackLoader (IDAT Loader) sample has been identified that employs sophisticated evasion techniques to enhance the complexity of the threat.
Unpack CSA's guide for implementing DAAS protection with Zero Trust and explore practical steps for enhancing your organization's cybersecurity.
Containers accelerate application development and enhance deployment consistency across environments, thus enabling organizations to improve productivity and agility. AWS container services such as Amazon Elastic Container Service (Amazon ECS) make it easier to manage your application so you can focus on innovation and your business needs. Customer experience is the most important yardstick by which […]
Sumo Logic will no longer charge for ingesting log data into its observability platform to encourage DevOps teams to apply deeper analytics.
Years of SaaS innovation and disruption threaten the profitability of vendor-driven open source projects, forcing licensing changes.
Happening 19 March 2024 in Paris Co-chairs: Laurent Bernaille and Bill Mulligan Cilium + eBPF Day Europe will feature end user stories that highlight how the two technologies are really improving…
Meta announces plans for interoperability between WhatsApp, Messenger, and third-party messaging services in response to the EU's Digital Markets Act.
Arm-based processors, which are increasingly popular, may capture a significant share of the semiconductor market with RISC-V.
Navigate the complexities of Non-Human Identity (NHI) management in cloud environments. Learn vital strategies for secure machine-to-machine authentication.
Unlock the secrets to robust cybersecurity with our guide on secrets management. Learn the common mistakes, lesser-known pitfalls.
Cisco patches critical flaw in Secure Client software. Update NOW to prevent attackers from hijacking your VPN sessions.
Threat actors leverage QEMU emulator for network tunneling, bypassing traditional defenses in a sophisticated cyber attack. Kaspersky highlights the n
CISA has added a critical JetBrains TeamCity flaw (CVE-2024-27198, CVSS 9.8) to its KEV catalog due to active exploitation.
This post discusses a very in-demand feature for PKI, the automation of certificate provisioning. It covers validation modes and ACME.
Calls to distributed services aren't always responded to quickly. Rather than wasting time, learn how to make the external call asynchronously, only to be notified later on when the call completes.
appCD's platform analyzes an application about to be deployed and automatically generates the code to provision the required infrastructure.
Falco offers sensors across distributive architectures, and it's geared particularly for distributed architectures, notably Kubernetes, containers, etc.
GKE Autopilot uses Google Cloud's deep Kubernetes security expertise to configure your clusters to be move-in ready for your production workloads.
Learn how Google Kubernetes Engine (GKE) enables you to build a secure, scalable developer platform for fast and reliable application delivery.
Running Elastic Cloud on Kubernetes on GKE Autopilot removes the need to know, plan and size node pools to match the size of your Elastic nodes.
Community post originally published on Medium by Maryam Tavakkoli This article outlines my hands-on experience with implementing ArgoCD in our project. Drawing from these experiences, I've tried to…
Permiso today launched an open source tool dubbed CloudGrappler that surfaces indicators of compromise in cloud computing environments.
Over 700 WordPress sites hit by brute-force attacks using malicious JavaScript injections, leveraging innocent visitors' browsers to compromise more s
China-backed hackers, Evasive Panda, target Tibetan users in watering hole & supply chain attacks.
Sysdig discovered techniques that allowed the AWS Web Application Firewall to be bypassed using a specialized DOM event.
Database observability unlocks DORA metrics along with other indicators that matter to your DevOps, application, database and IT teams.
Paris, France, March 7th, 2024, CyberwireCompany Open Sources FHE Libraries to Build Privacy-Preserving Blockchain and AI Applications for the First
Software teams use DORA metrics in an organization to help improve their efficiency and enhance the effectiveness of company deliverables.
Phishers are adding new sophisticated techniques to their repertoire that make attacks harder to detect.
From Calendly integrations to SwiftPOS data transfers, non-human accounts play a crucial role in SaaS ecosystems. Learn why their security is as criti
Former Google engineer arrested for secretly working with Chinese tech companies while at Google. Linwei Ding charged with theft of AI supercomputing
New Python-based info stealer dubbed 'Snake' is leveraging Facebook messages to capture sensitive data, targeting credentials & cookies for malicious
Fake video conferencing websites mimic Google Meet, Skype, & Zoom to distribute malware to Android & Windows users.
This post is written by Jeff Harman, Senior Prototyping Architect, Vaibhav Shah, Senior Solutions Architect and Erik Olsen, Senior Technical Account Manager. Many industries are required to provide audit trails for decision and transactional systems. AI assisted decision making requires monitoring the full inputs to the decision system in near real time to prevent fraud, […]
The Securities and Exchange Commission (SEC) has adopted new rules to enhance and standardize climate-related disclosures by public companies and in Explore how the SEC's new climate-related disclosure rules are catalyzing a shift towards sustainability in corporate reporting, driving innovation in cloud computing, and promoting the development of energy-efficient AI solutions.
Slack has launched a new developer portal that is the new home for developers seeking information and help building Slack apps.
To safeguard data against natural disasters and ransomware attacks, many AWS users opt to protect their data by creating snapshots and replicating them to different AWS Regions. It is crucial for these users to monitor snapshots and associated data transfers for inter-regional costs, allowing them to provide accurate chargebacks to both internal and external stakeholders. […]
AWS Heroes are inspirational thought leaders who go above and beyond to knowledge share in a variety of ways. You can find them speaking at local meetups, AWS Community Days, or even at re:Invent. And these technical experts are never done learning—they're passionate about solving problems and creating content to enable the community to build […]
Today, I am pleased to announce the availability of Provisioned IOPS (PIOPS) io2 Block Express storage volumes for all database engines in Amazon Relational Database Service (Amazon RDS). Amazon RDS provides you the flexibility to choose between different storage types depending on the performance requirements of your database workload. io2 Block Express volumes are designed […]
Copado Explorer enables DevOps teams to integrate custom scripts into testing processes that can be repeated as required.
Project post by the Vitess Maintainers We're thrilled to announce the release of Vitess 19, our latest version packed with enhancements aimed at improving scalability, performance…
New malware campaign targets misconfigured servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis to deliver crypto malware.
Create microservices with gRPC with Spring, and leverage Managed Service for Prometheus and Grafana for monitoring and observability.
New compute classes, reservations, and improved price/performance enhance GKE Autopilot for running AI training and serving workloads.
Community post originally published on Linux.com by Tamimi Ahmad, Solace In basic terms, an event-driven architecture (EDA) is a distributed system that involves moving data and events between…
Forget the hype – artificial intelligence is here and it's only going to get more pervasive as time goes on. Luckily KubeCon + CloudNativeCon Europe 2024 has a plethora of keynotes, tracks…
The Apache Struts vulnerability CVE-2023-50164, with a critical CVSS score of 9.8, poses a significant threat to a wide range of industries.
BlackCat ransomware gang suspected of pulling a major exit scam. Bogus law enforcement seizure notice uploaded to their site as they shut down.
AISecOps, the application of DevSecOps principles to AI/ML and generative AI, means integrating security into models' life cycles.
Happening 19 March 2024 in Paris Co-chairs: Amber Graner and Ricardo Rocha Kubeflow Summit Europe will bring together end users, service managers and project maintainers. We will have multiple…
Unlock the secrets to SOC 2 compliance: Find the perfect auditor with our guide. Navigate the myths and ensure your cloud services meet top security standards.
At the heart of OpenHouse lies its Catalog, a RESTful table service that offers secure and scalable table provisioning alongside declarative metadata management.
Here are seven API observability anti-patterns and pitfalls to avoid to your APIs observable and your users happy.
Cloudflare's Magic Cloud Networking platform makes it simpler to programmatically manage multiple cloud networking environments.
Google's recent AI stumbles come at an inopportune time, but the concerns that made them address the controversy are worse than most know.
Reflectiz: The ultimate website security solution that proactively detects, prioritizes, and mitigates web threats. Say goodbye to client-side attacks
DevSecOps adds cybersecurity talent to the software development lifecycle so that hard-won security wisdom can guide DevOps personnel.
Excessive permissions & improper sharing pose risks in Google Drive. Discover how Material Security's platform helps manage and secure your data.
VMware releases updates for ESXi, Workstation, and Fusion to patch new security vulnerabilities with potential for code execution by attackers.
U.S. Department of Treasury sanctions individuals and entities of the Intellexa Alliance for distributing spyware.
Cisco Talos reveals that GhostSec & Stormous ransomware groups are now offering GhostLocker through a new RaaS program, STMX_GhostLocker.
Lotus Bane APT targets Vietnamese financial entity, first detected in March 2023.
pple rolls out crucial updates for iOS & iPadOS to patch actively exploited vulnerabilities CVE-2024-23225 & CVE-2024-23296, enhancing kernel memory p
Application modernization is a focus area for organizations of different sizes and across industries to achieve business objectives such as reduced time to market, improved cost efficiency, and better customer experience. Containers and container orchestration platforms have been one of the key enablers for these modernization initiatives. Many customers standardize on Kubernetes as a containers […]
Introduction Today, we are announcing the availability of Credentials Fetcher integration with AWS Fargate on Amazon Elastic Container Service (Amazon ECS). With this launch, you have the option of running Linux containers on Amazon ECS using both the Amazon Elastic Compute Cloud (Amazon EC2) launch type, as well as with AWS Fargate serverless compute launch […]
Techstrong Research underscores the critical role of database caching in supporting real-time applications and digital experience delivery.
North Korean hackers exploit ConnectWise ScreenConnect vulnerabilities (CVE-2024-1708 & CVE-2024-1709) to deploy TODDLERSHARK malware.
Project post originally published on the Linkerd blog by Flynn This blog post is based on a workshop that I delivered way back in September 2023(!) at Buoyant's Service Mesh Academy.
Codefresh and Octopus Deploy will go a long way in unifying the deployments of cloud native architectures, particularly for large enterprises.
Use of long-term access keys for authentication between cloud resources increases the risk of key exposure and unauthorized secrets reuse. Amazon Web Services (AWS) has developed a solution to enable customers to securely authenticate Azure resources with AWS resources using short-lived tokens to reduce risks to secure authentication. In this post, we guide you through […]
Changing IT providers has always required time, effort, and money, but cloud computing has made that process easier than ever. Before cloud services, switching was often prohibitively difficult and expensive: over a multi-year process, companies would make up-front investments in new hardware and rewrite software to conform to their new provider's proprietary operating system. At […]
You told us one of the primary reasons to adopt Amazon Web Services (AWS) is the broad choice of services we offer, enabling you to innovate, build, deploy, and monitor your workloads. AWS has continuously expanded its services to support virtually any cloud workload. It now offers over 200 fully featured services for compute, storage, […]
Join the CSA-EU Cloud CoC collaboration for GDPR compliance and cloud security. Enhance trust with the STAR Registry. Start your adherence journey now!
Startup's software, in early access, auto-generates infrastructure from application code and automatically applies operations and security policies.
As technology continues to evolve rapidly, the role of platform engineering, bolstered by effective TDM, becomes increasingly crucial.
The evolution of CI/CD frameworks reflects the DevOps industry's dynamic nature and the demand for efficient software delivery pipelines.
Cycode has acquired Bearer, a provider of a set of tools for SAST, API discovery and identification of sensitive data.
Explore 2024's top email threats: AI attacks and sophisticated phishing, plus security strategies to safeguard your organization against cyber risks.
Over 225,000 OpenAI ChatGPT credentials were compromised and sold in underground markets by October 2023.
Hybrid environments are the new norm for mid-market companies, blending cloud agility with on-prem reliability. Discover how they navigate the securit
Beware of ZIP attachments in emails! TA577's new phishing tactic aims to steal NTLM hashes, posing a serious threat to enterprise security.
The new DNS threat snaring victims into fake investment schemes. Don't let sophisticated cyber tricks drain your wallet
JetBrains TeamCity vulnerabilities could let hackers take full control of your servers.
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. "ALPHV") as the company struggles to bring services back online amid a cyberattack that has disrupted prescription…
This blog post provides architectural guidance on AWS CloudHSM crypto user credential rotation and is intended for those using or considering using CloudHSM. CloudHSM is a popular solution for secure cryptographic material management. By using this service, organizations can benefit from a robust mechanism to manage their own dedicated FIPS 140-2 level 3 hardware security […]
Ambassador post by Annalisa Gennaro When I embarked on my journey as a CNCF Ambassador, little did I know that it would lead to unexpected opportunities, personal growth, and a deeper connection with…
Member post originally published on the Zesty blog by Pini Ben-Nahum When it comes to AWS discount plans, management approaches vary greatly. The often overlooked (Standard Reserved Instance) SRI has…
Happening on 19 March 2024 in Paris Co-Chairs: Melissa Logan and Sheetal Joshi Data on Kubernetes Day (also known as DOK Day) is, as its name suggests, a deep dive into how to get the most out of data…
How ZITADEL, an open source identity and access management solution, implements event sourcing right from the start.
When designing your Google Kubernetes Engine environment, learn when to choose between a regional or zonal cluster.
In September 2023, we announced a strategic collaboration with Anthropic that brought together their respective technology and expertise in safer generative artificial intelligence (AI), to accelerate the development of Anthropic's Claude foundation models (FMs) and make them widely accessible to AWS customers. You can get early access to unique features of Anthropic's Claude model in […]
This has been a busy week – we introduced a new kind of Amazon CloudFront infrastructure, more efficient ways to analyze data stored on Amazon Simple Storage Service (Amazon S3), and new generative AI capabilities. Last week's launches Here's what got my attention: Amazon Bedrock – Mistral AI's Mixtral 8x7B and Mistral 7B foundation models […]
Member post by Asaf Yigal, Co-Founder and CTO at Logz.io Software developers are all too familiar with the complexities that come with managing Kubernetes environments. From the layers of abstraction…
Unpacking DORA: EU's move to boost financial cybersecurity with strict standards on risk management and resilience. Key for EU finance firms facing a 2025 deadline.
Developers often move from single responsibility functions to the Lambda-lith when they architectures demand it, but both approaches have relative trade-offs. It's possible to have the best of both approaches by dividing your workloads per read and write operations.
Maximizing the value from Enterprise Software tools requires an understanding of who and how users interact with those tools. As we have worked with builders rolling out Amazon CodeWhisperer to their enterprises, identifying usage patterns has been critical. This blog post is a result of that work, builds on Introducing Amazon CodeWhisperer Dashboard blog and […]
ServiceNow, Hugging Face and NVIDIA are advancing a generative AI platform specifically trained to generate high-quality code.
A sophisticated Android app named XHelper is being used by criminals to manage money-laundering activities in India.
Jenkins, a CI/CD automation tool, released a security advisory regarding a new critical vulnerability that can allow arbitrary file read, leading to RCE.
Traditionally, scraping application Prometheus metrics required manual updates to a configuration file, posing challenges in dynamic AWS environments where Amazon EC2 instances are frequently created or terminated. This not only proves time consuming but also introduces the risk of configuration errors, lacking the agility necessary in dynamic environments. In this blog post, we will demonstrate […]
Low-code platforms have been created to meet the needs of moderately skilled app developers and competitively focused organizations.
A recent survey found that, on average, organizations have 55.5 security vulnerabilities each day in their remediation queue.
Looking for a great new DevOps job? Check out these available opportunities at New York City's MTA, Mayo Clinic and more!
Building a new application requires a thorough design process. During the design phase, avoid locking yourself to a specific cloud provider.
Facing the SaaS security maze? Discover how mid-market companies are navigating the complexities of rapid growth and evolving threats.
Over 100 AI/ML models discovered with malicious intent on the Hugging Face platform. The cyber realm faces a new threat.
U.S. agencies warn of Phobos ransomware attacks targeting vital sectors. Millions in ransom already paid.
Platform Engineering, alert design and some good real world stories of debugging, testing or building internal tooling this week.
This year's VOID Report is out, and it's well worth a read. The subtitle is "Exploring the Unintended Consequences of Automation in Software" which is a really good way to get me to read something!
A U.S. court has ordered Israeli spyware company NSO Group to disclose the source code and functionality details of its Pegasus spyware to Meta.
U.S. Department of Justice unveils charges against an Iranian national for a sophisticated cyber-attack campaign.
Last week, we announced that Mistral AI models are coming to Amazon Bedrock. In that post, we elaborated on a few reasons why Mistral AI models may be a good fit for you. Mistral AI offers a balance of cost and performance, fast inference speed, transparency and trust, and is accessible to a wide range […]
Logz.io's real-time anomaly detection simplifies correlation of the impact IT events have on business processes.
Learn how the AWS Quick Start team reduced documentation delays by implementing a docs-as-code solution based on GitHub and AsciiDoc.
New Relic is moving to make it simple to analyze and store telemetry data regardless of when it was collected.
Starting on April 1, our Kubernetes training and certification exams will move from a 36-month certification period to a 24-month certification period. This includes CKA, CKAD, KCNA, KCSA, PCA, ICA…
Member post originally published on Devtron's blog by Shubham Kumar TL;DR: In this article we'll learn about how to deploy Hashicorp vault in Kubernetes and how to fetch secrets from vault and…
Gail Coury, retiring CISO at F5, explores how cybersecurity has evolved and what the future holds.
Cryptocurrency users BEWARE! Sophisticated phishing kit actively impersonating major exchanges.
Explore the critical balance between cybersecurity compliance and risk management, emphasizing automation's role in enhancing security posture.
For many network security operators, protecting application uptime can be a time-consuming challenge of baselining network traffic, investigating suspicious senders, and determining how best to mitigate risks. Simplifying this process and understanding network security posture at all times is the goal of most IT organizations that are trying to scale their applications without also needing […]
A balanced approach to AI adoption in software development would result in a future where AI and human capabilities are intertwined.
AI-enabled tools will have a major impact on software development, increasing the volume and velocity of code delivery and innovation.
Observe added a Trace Explorer tool to its observability platform that simplifies search, analysis and visualization of billions of traces.
Securing your AWS environment can be a difficult process. Here are six best practices that can help you keep it secure.
Cybersecurity researchers have discovered a new variant of the BIFROSE remote access trojan targeting Linux systems, employing deceptive domains to mi
Learn from GitLab's 2017 incident: 300GB of data lost in seconds, but their transparent recovery is a masterclass in accountability.
Five Eyes intelligence alliance issued a cybersecurity advisory concerning cyber threat actors exploiting known vulnerabilities in Ivanti.
GitHub's new default push protection has got your back, scanning for secrets in public repos
The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. Instead, LockBit removed Fulton County's listing from its victim shaming website…
A Firefly survey suggests usage of infrastructure-as-code (IaC) tools is evolving rapidly in the cloud computing era.
Amazon Web Services (AWS) has released a new whitepaper to help financial services customers in Canada accelerate their use of the AWS Cloud. The new AWS User Guide for Federally Regulated Financial Institutions in Canada helps AWS customers navigate the regulatory expectations of the Office of the Superintendent of Financial Institutions (OSFI) in a shared responsibility environment. […]
Users who choose to migrate workloads to the cloud prefer to do so without modifying application code and without being required to learn new methods for managing data. Ideally they are seeking a cloud service with like-for-like functionality, and management similar to their on-premises infrastructure. The goal is to accelerate migration and deployment in the […]
AWS customers are increasingly relying on AWS User Notifications to monitor and get real-time notifications about the AWS resources that are most important to them. The AWS Console Mobile Application can be configured as a notification delivery channel, where users can monitor AWS resources, get detailed resource notifications, diagnose issues, and take remedial actions, from […]
Member post originally published on Fairwinds' blog by Andy Suderman In the rapidly evolving Kubernetes ecosystem, managing costs effectively is as critical as ensuring operational efficiency.
Member post originally published on Facets.cloud's blog by Pravanjan Choudhury $100,000 – for FREE. That's what you get when you sign up for the AWS startup program. Microsoft will see and raise at…
Quiz #21 was: An organization's critical online service has a Service Level Objective (SLO) of 99% uptime. Over a quarter, the service experienced several
Researchers have disclosed a new attack technique, "Silver SAML," targeting applications that use cloud identity providers such as Microsoft Entra ID.
In an era where data protection has become a vital concern for cloud providers, the EU Cloud Code of Conduct offers a seamless GDPR compliance solution.
A hybrid cloud is the future of cloud-native solutions for complex enterprise applications and data. Here's why.
Cloud optimization involves ensuring that you're not overprovisioning–or underprovisioning–your cloud computing resources.
Discover the Stealthy New Malware Targeting Telecom Networks! GTPDOOR uses GPRS Tunnelling Protocol for unseen levels of control.
Discover how the Cloudflare breach, stemming from the Okta compromise, underscores the critical need for holistic risk management in SaaS applications.
Happening 19 March 2024 in Paris Co-chairs: Rajas Kakodkar, Yuan Tang, and Marcin Wielgus Cloud Native AI Day aims to merge two cutting-edge domains – cloud native technologies and artificial…
Lazarus Group's latest exploit showcases unprecedented sophistication in cyber warfare, leveraging a zero-day flaw in Windows Kernel.
Cybersecurity isn't just about spending more; it's about spending smart. Discover how a risk-based approach can maximize your security ROI.
SPIKEDWINE cyber group targets European officials with sophisticated WINELOADER backdoor.
North Korean hackers infiltrated PyPI with malware-laden packages, exploiting common typos.
Two suspected China-linked cyber espionage clusters, UNC5325 and UNC3886, exploit Ivanti VPN flaws, deploying new malware.
President Biden signs Executive Order to prevent mass data transfers to 'countries of concern'. A bold move to protect Americans' genomic, biometric,
Member post originally published on Coredge's blog by Coredge Marketing Adopting cloud computing is not always a one-way path as one might think. The cloud does not have all the answers…
Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target's account at Calendly, a popular free calendar application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and…
This post discusses how to create containers that are smaller and more secure by including Wolfi as the base image when creating containers using Cloud Native Buildpacks.
In this post, I'll show how you can export software bills of materials (SBOMs) for your containers by using an AWS native service, Amazon Inspector, and visualize the SBOMs through Amazon QuickSight, providing a single-pane-of-glass view of your organization's software supply chain. The concept of a bill of materials (BOM) originated in the manufacturing industry […]
There's some misunderstanding about what Buoyant's decision to charge organizations with 50 or more users for access to the stable releases of its open source service mesh actually means.
In this newsletter, guest columnist Charley Snyder, public policy expert at Google, explains our new AI initiative announced at the Munich Security Conference.
With Private Service Connect (PSC), you can create private and secure connections from Apigee to your backend Google Kubernetes Engine (GKE) targets.
With its intention to develop a whole-of-government zero trust approach, Australia has taken a step in the right direction when it comes to cybersecurity.
Cyber espionage intensifies as UNC1549, linked to Iran, targets aerospace and defense in the Middle East.
What are the new golden signals you need to follow to make sure your AI applications behave properly? Adrian Cockcroft offers answers in this episode of Makers.
You can use Amazon Security Lake to simplify log data collection and retention for Amazon Web Services (AWS) and non-AWS data sources. To make sure that you get the most out of your implementation requires proper planning. In this post, we will show you how to plan and implement a proof of concept (POC) for […]
Imagine a world where software developers build applications quickly on the cloud, focusing on innovative features, unburdened by complex infrastructure and intricate configurations. Welcome to the era of the cloud platform team. Cloud platform teams build internal tools, automation, and self-service infrastructure to free developers from commodity tasks and enable them to innovate faster. However, […]
A concerning surge in ransomware attacks in 2023 has significantly reshaped the cybersecurity landscape.
JFrog's integration with Qwak's MLOps platform will advance collaboration between teams building and deploying software artifacts.
BlackCat ransomware returns with a vengeance, healthcare sector under fire. U.S. government warning a must-read.
Advances in automated testing have great potential, but there are also downsides to consider as the technology matures.
First-party data is your goldmine for deep customer insights. Learn to leverage it while staying privacy-compliant at our upcoming webinar.
The recently released Guidelines for Secure AI System Development will assist developers of AI systems in reducing system risks before security issues arise.
Learn about the inefficiencies of perimeter-based security and the shift towards a more secure communication between users, systems, and networks.
Discover how sophisticated hackers are targeting Mexico with TimbreStealer, a new malware on the block.
Nations unite to warn against the MooBot botnet threat targeting Ubiquiti EdgeRouters.
Amazon Web Services (AWS) is pleased to announce that AWS Payment Cryptography is certified for Payment Card Industry Personal Identification Number (PCI PIN) version 3.1 and as a PCI Point-to-Point Encryption (P2PE) version 3.1 Decryption Component. With Payment Cryptography, your payment processing applications can use payment hardware security modules (HSMs) that are PCI PIN Transaction […]
Explore the Cross-Cloud Network architecture ebook and learn how Google's global scale network can support your enterprise multicloud and hybrid needs.
Security Command Center Premium now works with organization policies to provide near real-time detection of changes to policies and to AI resource configurations.
Keep a real-time eye on running your eBPF programs with open source bpftop.
Amazon Web Services (AWS) is excited to announce that a new Information Security Registered Assessors Program (IRAP) report (2023 H2) is now available through AWS Artifact. An independent Australian Signals Directorate (ASD) certified IRAP assessor completed the IRAP assessment of AWS in December 2023. The new IRAP report includes an additional seven AWS services that are now assessed at the […]
Member post originally published on Bouyant's blog by Scott Rigby Progressive delivery is a vital tool for ensuring that new code is deployed safely to production with automated protections if things…
This is part two of our series on Tackling AI Together. We're looking at this new challenge/opportunity in the cloud native world and asking how we can work together – and bring in new voices – to get…
A critical flaw in LiteSpeed Cache for WordPress allows unauthenticated privilege escalation. Over 5M sites at risk
Get ready to be surprised at KubeCon + CloudNativeCon Europe 2024 because we have so many new offerings this year. Here's everything you need to know. Interested in the latest cutting edge cloud…
John DiMaria, former STAR Program Director at CSA, reflects on leading the CSA STAR program.
Learn the details of the Midnight Blizzard attack on Microsoft's Entra environment, one of the most sophisticated attacks seen on similar platforms.
Amazon Web Services (AWS) was recognized by KuppingerCole Analysts AG as an Overall Leader in the firm's Leadership Compass report for Policy Based Access Management. The Leadership Compass report reveals Amazon Verified Permissions as an Overall Leader (as shown in Figure 1), a Product Leader for functional strength, and an Innovation Leader for open source […]
Because of the critical nature of the DevOps pipeline, security is becoming a top priority. Here's how to integrate DevSecOps.
Xeno RAT, a new player in the malware scene, boasts alarming features for remote system exploitation. Learn more about its impact on Windows systems.
The columnar storage file format is designed for IoT's unique needs, including reduced network transmission and cloud computing resources.
A no shift strategy argues for developing and testing directly in production, bypassing the traditional dev-to-production delivery pipeline.
Azure Policy is a service within Microsoft Azure that allows organizations to create, assign, and manage policies and is used for resource consistency and regulatory compliance.
Alert overload is a critical challenge for SOC professionals. Learn how threat intelligence platforms can streamline investigations and bolster cybers
Hugging Face vulnerability allows attackers to hijack machine learning models.
Russian hackers target cloud infrastructure. Learn their tactics & how to defend yourself.
It's proven! Learn how and why an investment in developer experience — DevEx — is an investment in innovation and profit.
A critical security flaw (CVE-2024-1071) in the WordPress plugin Ultimate Member has been disclosed, affecting over 200,000 active installations.
The management of security services across organizations has evolved over the years, and can vary depending on the size of your organization, the type of industry, the number of services to be administered, and compliance regulations and legislation. When compliance standards require you to set up scoped administrative control of event monitoring and auditing, we […]
Have you ever wanted to host your own GitLab repositories? With the help of both Ubuntu Server and Docker, you can do just that.
This blog post provides recommendations that you can use to help improve resiliency in the unlikely event of disrupted availability of the global (now legacy) AWS Security Token Service (AWS STS) endpoint. Although the global (legacy) AWS STS endpoint https://sts.amazonaws.com is highly available, it's hosted in a single AWS Region—US East (N. Virginia)—and like other […]
The Community AWS re:invent 2023 re:caps continue! Recently, I was invited to participate in one of these events hosted by the AWS User Group Kenya, and was able to learn and spend time with this amazing community. AWS User Group Kenya Last week's launches Here are some launches that got my attention during the previous […]
The new internal range API lets you allocate subnets from a free address range within your VPC, and reserve or protect internal or external ranges.
In the face of rising cyberthreats, organizations must treat cybersecurity as a business issue and take proactive measures to protect themselves.
With Akeyless DFC, encryption keys are created as distributed fragments in the cloud. This means there's no key and, thus, no vault to manage.
Ukrainian entities in Finland targeted in a malicious campaign distributing Remcos RAT using IDAT Loader.
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce the first ever Winter 2023 AWS System and Organization Controls (SOC) 1 report. The new Winter SOC report demonstrates our continuous commitment to adhere to the heightened expectations for cloud service providers. The report covers […]
Today, I am happy to announce that we are working on an AWS Region in Mexico. This AWS Mexico (Central) Region will be the second Region in Latin America joining the AWS South America (São Paulo) Region and will give AWS customers the ability to run workloads and store data that must remain in-country. Mexico […]
Over 8,000 subdomains belonging to recognized brands and organizations are being exploited for malicious email distribution.
An effective certificate lifecycle management (CLM) solution must provide multiple mechanisms to discover certificates.
Let's explore the impact of generative AI in key DevOps roles and explain how to prepare ourselves for the shift.
Fake npm packages linked to North Korea threaten software supply chain. Read on for details and protection tips.
CheerpJ 3.0 represents a significant advancement in deploying applications in the browser with WebAssembly, particularly with Java.
Brea, California, February 26th, 2024, CyberwireThe current large surge in cyber threats has left many organizations grappling for security so
Looking for a great new DevOps job? Check out these available opportunities at Stanford University, Northrop Grumman and more!
PCI DSS exists as a crucial framework for protecting sensitive data. Explore its significance, requirements, business impact, and what to expect when complying.
Over 10 million secrets were exposed in public GitHub commits last year alone. Are your secrets safe? Learn how to protect your data in the age of AI.
MAC silicon M1/M2 chips use ARM architecture which is different from x86 used by Intel processors. The only
Cybersecurity experts uncover a surge in phishing attacks using Google Cloud Run to distribute banking malware across LATAM and Europe.
LockBit ransomware group resurfaces after law enforcement takedown, claims FBI 'hacked' their infrastructure and leaked information.
At some point, you're going to have a Linux server that includes directories that clients need to access from your network. Your best bet for this is Samba.
Configuration management, long term support, data management, monitoring and testing this week. The breadth of challenges in modern operations is always interesting, and while some are evergreen, the tools and approaches to solving are constantly evolving.
In a dramatic turn of events, LockBitSupp, a key figure in the notorious LockBit ransomware operation, is reportedly cooperating with law enforcement.
The FBI's takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish…
This article discusses building failure management directly into our systems, using Erlang as a case study.
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit.
Running distributed machine learning (ML) workloads on Amazon Elastic Container Service (Amazon ECS) allows ML teams to focus on creating, training and deploying models, rather than spending time managing the container orchestration engine. With a simple architecture, control plane transparent upgrades, and native AWS Identity and Access Management (IAM) authentication, Amazon ECS provides a great environment […]
Introduction AWS Service Catalog and AWS CloudFormation now support Git-sync capabilities to allow Platform Engineers to streamline their DevOps processes by keeping their Infrastructure as Code (IaC) templates in their source control libraries like GitHub and BitBucket. These enhancements help Platform Engineers to more effectively create, version, and manage their Well-Architected patterns with application teams […]
This post is co-written with Suraj Nair, Sr. DevOps Engineer at Grover. Introduction Grover is a Berlin based global leader in technology rentals, enabling people and empowering businesses to subscribe to tech products monthly instead of buying them. As a pioneer in the circular economy, Grover's business model of renting out and refurbishing tech products results […]
Infrastructure as Code (IaC) is hot again. Organizations are realizing that their complex system deployments should be repeatable, in that
Troubleshooting often involves complex analysis across fragmented telemetry data. While alarms on metrics can signal high-level deviations, deeper context often resides in other areas such as log messages, which help uncover the root cause. This disjointed approach not only consumes time and effort, but also inflates telemetry costs. In this post, we'll showcase how structured […]
Member post originally published on Logz.io's blog by Dotan Horovits In the labyrinth of IT systems, logging is a fundamental beacon guiding operational stability, troubleshooting, and security.
Many customers run their mission critical container workloads on Amazon Web Services (AWS) using Amazon Elastic Kubernetes Service (Amazon EKS). One of the key focus areas for them is to analyze and act on operational events quickly. Getting real-time visibility into performance issues, traffic spikes and infrastructure events can enable teams to quickly address issues and […]
Dell updated its edge computing platform to make it simpler to programmatically provision infrastructure using DevOps best practices.
Mistral AI, an AI company based in France, is on a mission to elevate publicly available models to state-of-the-art performance. They specialize in creating fast and secure large language models (LLMs) that can be used for various tasks, from chatbots to code generation. We're pleased to announce that two high-performing Mistral AI models, Mistral 7B […]
Dormant Python package compromised on PyPI. Update pushed Nova Sentinel malware.
Before reaching out to Cloud Support, check out this post for useful tips on tackling issues related to Private Service Connect.
There are no simple solutions to securing cloud credentials, but one way to get started is to stop using service account keys. Here's how.
When building API-based web applications in the cloud, there are two main types of communication flow in which identity is an integral consideration: User-to-Service communication: Authenticate and authorize users to communicate with application services and APIs Service-to-Service communication: Authenticate and authorize application services to talk to each other To design an authentication and authorization solution for these […]
The advent of AI tools introduces a new dynamic to concerns over intellectual property theft.
Deep dive into the non-human identities attack surface, how it's created, how attackers exploit it, and what steps you can take to minimize your exposure now.
To avoid data loss and maintain a level of protection, organizations need a blueprint for adopting their hybrid cloud systems.
It probably doesn't get any better than Paris in the spring, but throw in the cloud native community, and… c'est magnifique! To make sure we all get the absolute most out of Paris, we asked our local…
As businesses scale and diversify AWS services, it's crucial to manage costs to ensure cloud spending aligns with strategic objectives.
Microsoft releases PyRIT, an automation tool designed to proactively identify risks and ethical concerns in Generative AI systems, including security
SOC Automation Capability Matrix revolutionizes how teams respond to incidents. Discover a new era of cybersecurity! Dive in for a transformative appr
Heading into 2024, application security teams should keep in mind these key issues and steps to defend their custom software applications.
Happening on 19 March 2024 in Paris Co-chairs: Helen Greul, Balaji Sivasumbramanian, Waldir Montoya BackstageCon is the event that showcases platform engineering, a white hot space today.
A high-severity flaw in Apple's Shortcuts could expose your data without consent! Learn how Apple patched this with iOS 17.3 and more.
FTC fined Avast $16.5 million for deceptively collecting and selling users' browsing data.
The latest version of the AWS HITRUST Shared Responsibility Matrix (SRM)—SRM version 1.4.2—is now available. To request a copy, choose SRM version 1.4.2 from the HITRUST website. SRM version 1.4.2 adds support for the HITRUST Common Security Framework (CSF) v11.2 assessments in addition to continued support for previous versions of HITRUST CSF assessments v9.1–v11.2. As […]
This post is written by Beau Gosse, Senior Software Engineer and Paras Jain, Senior Technical Account Manager. AWS Lambda now supports .NET 8 as both a managed runtime and container base image. With this release, Lambda developers can benefit from .NET 8 features including API enhancements, improved Native Ahead of Time (Native AOT) support, and […]
Users face challenges in their digital transformation journey involving the migration of data across various platforms, on-premises file systems, and other cloud services. When using other cloud providers, scenarios arise where the seamless transfer of data becomes essential. Whether executing a one-time data transfer or integrating it into a scheduled workflow, minimizing business downtime is […]
The AWS Global Security & Compliance Acceleration (GSCA) Program has released AWS Customer Compliance Guides (CCGs) on the AWS Compliance Resources page to help customers, AWS Partners, and assessors quickly understand how industry-leading compliance frameworks map to AWS service documentation and security best practices. CCGs offer security guidance mapped to 16 different compliance frameworks for more than […]
Here are five tips to enhance the DevSecOps experience for developers, focused on making security tools more usable to unlock faster releases of more secure products.
Apple's iMessage is getting a major security boost with PQ3, the 'strongest' post-quantum encryption yet
Looking back at 2023, the Mandiant Managed Defense team highlights key observations from its cybersecurity engagements.
In 2023, AI adoption rates soared for LLMs. Many industries are incorporating AI into common processes (healthcare and autonomous driving). What about cybersecurity?
Users face challenges in their digital transformation journey involving the migration of data across various platforms, on-premises file systems, and other cloud services. When using other cloud providers, scenarios arise where the seamless transfer of data becomes essential. Whether executing a one-time data transfer or integrating it into a scheduled workflow, minimizing business downtime is […]
Tabnine's generative AI testing platform can make more accurate and personalized recommendations based on engineering patterns.
EDA and the adoption of event streaming throughout enterprises are essential architectural requirements, but can introduce complexity.
Staff post by Chris Aniszczyk We are happy to announce Poster Pavilion sessions, which will debut at the upcoming KubeCon + CloudNativeCon Europe in Paris next month. Post sessions are a unique…
A new data leak that appears to have come from one of China's top private cybersecurity firms provides a rare glimpse into the commercial side of China's many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies…
Security AND compliance have become central to success. Delve into 5 key takeaways on navigating risk and compliance, new evidence-collection approaches, and more.
By leveraging modern build health tools, DevOps teams can more effectively monitor a project's overall quality and performance.
A tool intended for security, SSH-Snake, now aids attackers in exploiting networks. Discover the depths of its reach and how to safeguard your infrast
Russian government software compromised in suspected North Korean cyberattack. Konni RAT backdoor discovered in Ministry of Foreign Affairs tool.
Hacktivism is reshaping the battlefield in the digital era, merging cyber tactics with political activism. Discover how this trend is influencing geop
U.S. State Department has set rewards of up to $15 million for information leading to the identification and arrest of LockBit ransomware group member
Member post originally published on Nirmata's blog by Anusha Hegde As Infrastructure as Code (IaC) continues to gain popularity among DevOps practitioners for its efficiency and scalability…
Member post originally published on Last9's blog by Aniket Rao Here's a detailed blog post on monitoring Cloudflare Workers using Prometheus Exporter. We discuss the data flow of how Prometheus…
Cost is top of mind for many enterprises, and building awareness of different cost contributors is the first step toward managing costs and improving efficiency. Costs for transferring data may segregate into common but low cost and less frequent but higher cost groups. Data about these two groups is mixed together, and separating them enables […]
Starting in May, if you want a fully-compiled version of the open Linkerd to download and run, you will have to go with Buoyant's commercial distribution.
Overcoming batch-oriented architectures and embracing the advantages of streaming data are foundational to robust AI deployments.
The AI professional, who may not have operations experience, can define and orchestrate an ML stack, using Python or another language of their choice.
You can use open-source runtime security platform Falco with Google Kubernetes Engine to monitor cluster and container workload security. Here's how.
Recent performance testing of the Aeron messaging framework by Adaptive demonstrates Google Cloud's fitness for running digital exchanges.
Two new Arm processors increase the performance-per-socket provided by 50% and performance-per-watt provided by 20%, respectively.
Together with Linux Foundation Training and Certification and the Continuous Delivery Foundation, we are happy to announce the GitOps Associate (CGOA) certification, designed for DevOps engineers and…
Millions of Android, Linux, and ChromeOS devices are vulnerable new Wi-Fi attacks! Hackers can steal data or spy on you.
Lacework sat down with Rahul Gupta, Head of GRC at Sigma Computing, to discuss the evolving security industry, generative AI in cybersecurity, and more.
Microsoft is expanding our cloud infrastructure, in Europe, to support the growing demand for cloud services. Learn more.
seThis post is written by Eder de Mattos, Sr. Cloud Security Consultant, AWS and Fernando Galves, Outpost Solutions Architect, AWS. In this post, you will learn how to deploy an Amazon EMR cluster on AWS Outposts and use it to process data from an on-premises database. Many organizations have regulatory, contractual, or corporate policy requirements […]
Organizations can maintain their DevOps momentum while protecting the software supply chain by shifting security left.
Cycode's generative AI capabilities in its ASPM platform make it simpler for DevSecOps teams to identify the root cause of vulnerabilities.
Understanding SOC 2 Compliance: Comparing Insights from Industry Experts and ChatGPT.
Techstrong Research finds the imperative to secure the software supply chain and CI/CD pipelines is undeniable and urgent.
Mustang Panda escalates cyber espionage in Asia with advanced DOPLUGS malware. Discover how this China-linked group targets nations with sophisticated
Don MacVittie asks the existential question: What, exactly, are we trying to achieve through DevOps' integration with AI?
With the explosion of SaaS applications in most orgs, identity governance tasks can easily overwhelm the IT team. Learn how to automate many of these
Explore causes for caution when using AI, cases for optimism, and recommendations to build a successful and responsible AI adoption strategy.
Cybercriminals are targeting healthcare, exploiting vulnerabilities for huge ransoms. It's not just data at stake; it's patient care.
VietCredCare targets Facebook advertisers in Vietnam, hijacking accounts with positive Meta ad credits.
Signal rolls out usernames, ditch those phone numbers for added security.
VMware has identified a critical security flaw in its Enhanced Authentication Plugin (EAP), urging users to uninstall it.
Cybersecurity experts uncover a Russia-aligned cyber operation targeting Ukraine with disinformation.
One of the primary benefits of using memory mapping (MMAP) in applications is saving memory on the client, sharing data amongst multiple threads and processes, and reducing file system impact to the application. Users are constantly looking for ways to improve application performance, and often this means diving deep into their workloads' storage profiles to […]
U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware…
Generative AI capabilities in Skillsoft's Codecademy training platform will give developers hands-on experience using ChatGPT to write code.
Happening on 19 March 2024 in Paris Co-chairs: Austin Parker and Eduardo Silva Observability Day Europe is an exciting reminder that the cloud native ecosystem has grown to be more than Kubernetes.
Exploring some of the major perils associated with Kubernetes runtime security.
Managed Instance Groups' (MIG) new standby pool feature lets you pause and resume VMs to reduce costs, or to respond faster to increased load.
Project post originally published on Istio's blog by Ben Leggett, Yuval Kohavi, and Lin Sun The Istio project announced ambient mesh – its new sidecar-less dataplane mode in 2022…
Master Zero Trust security with our guide on verification, least privilege, and breach assumption strategies for robust network protection.
Announcing the preview of Azure Storage Actions, a fully managed platform that helps you automate data management tasks. Learn more.
A novel malware named Migo targets Redis servers for cryptojacking. It disables security measures, injects XMRig miner, and hides processes.
Malicious packages lurking in open-source repositories. Discover how DLL side-loading is the latest technique used to evade security software.
A new version of curl (8.4.0) fixes a couple of vulnerabilities. Learn about CVE-2023-38545, how it is exploited, and how to detect it.
Generative AI is revolutionizing the way we create testing environments and feature management within DevOps workflows.
National Crime Agency (NCA) conducted Operation Cronos, obtaining LockBit's source code and intelligence about its operations and affiliates.
Generative AI provides a competitive edge, enabling superior digital experiences, innovative products and services and proactive responses.
Discover how AI is revolutionizing Security Operations Centers (SOCs) by enhancing efficiency and effectiveness while preserving the invaluable expertise of human analysts.
ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software.
Join us for an exclusive webinar dissecting real-life response strategies to the impactful exploits of the Scattered Spider threat group.
North Korean Hackers Target Defense Sector! Learn how state-sponsored actors employ sophisticated techniques via LinkedIn job scams.
Strengthen your SaaS security like a pro! Discover how aligning with NIST standards can fortify your applications against cyber threats.
Critical flaw in Bricks WordPress theme allows hackers to execute arbitrary code.
Law enforcement from 11 countries seized LockBit's darknet domains, dealing a major blow to their operations.
Destructive malware, targeted phishing... new report analyzes sophisticated attacks deployed alongside Israel-Hamas war. This is the evolving face of
This post clarifies a few basic concepts around public key infrastructure, including CA tier, topology and what's in a X.509 certificate.
Introduction Today customers want to reduce manual operations for deploying and maintaining their infrastructure. The recommended method to deploy and manage infrastructure on AWS is to follow Infrastructure-As-Code (IaC) model using tools like AWS CloudFormation, AWS Cloud Development Kit (AWS CDK) or Terraform. One of the critical components in terraform is managing the state file which […]
Many customers building applications on Amazon Web Services (AWS) use Stripe global payment services to help get their product out faster and grow revenue, especially in the internet economy. It's critical for customers to securely and properly handle the credentials used to authenticate with Stripe services. Much like your AWS API keys, which enable access […]
Over the past week, our service teams have continued to innovate on your behalf, and a lot has happened in the Amazon Web Services (AWS) universe that I want to tell you about. I'll also share about all the AWS Community events and initiatives that are happening around the world. Let's dive in! Last week's […]
Managed solutions, involving technologies like ClickHouse, signify a transition to more sophisticated data analysis techniques in observability.
Member post by DatenLord In this article, we will mainly introduce the application of Jepsen in the testing of a distributed KV storage Xline. This includes an introduction to the chaos engineering…
NGINX introduced NGINX One, its new platform to help organizations to scale efficiently, ensure apps stay available, and keep the enterprise running smoothly and securely.
This post was co-authored by Cezar Guimarães, Sr. Software Engineer, VTEX Introduction Customers across the globe are increasingly adopting Amazon Elastic Kubernetes Service (Amazon EKS) to run their Windows workloads. This is a result of customers figuring out that refactoring existing Windows-based applications into an open-source environment, while ideal, is a very complex task. It […]
1. Introduction Migration Evaluator is a complimentary migration assessment service that helps customers to create a data-driven directional business case for migrating workloads to AWS. It includes a data collection tool that discovers server workloads running on-premises, along with their utilization patterns. Data from the Migration Evaluator collector needs to be received by the AWS […]
The roles of artificial intelligence (AI) and machine learning (ML) and their adoption across the mainframe will continue to grow.
Meta uncovers a range of international spyware firms are actively targeting users across iOS, Android, and Windows devices.
Looking for a great new DevOps job? Check out these available opportunities at DISH, Autodesk, Zscaler and more!
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats?
Anatsa Android banking trojan expands to Slovakia, Slovenia, Czechia.
A new cyberespionage campaign has targeted over 80 organizations in Europe, exploiting vulnerabilities in Roundcube webmail servers.
The Iranian cyberespionage group Charming Kitten is using fake webinars and a new 'BASICSTAR' backdoor to target experts in Middle Eastern policy.
Can a single dashboard to cover your entire system really exist?
How one longtime GopherCon attendee of gave back to the event, creating a game that captures the curiosity and positive vibes of the GoLang crowd.
Incident postmortems, Git best practices, tips for management open telemetry names and tools and posts on open source software supply chain security this week.
Ukrainian cybercriminal pleads guilty to masterminding Zeus and IcedID malware schemes, infecting thousands of computers worldwide.
Two essential cloud computing tools are the CSA CCM and CAIQ. Get answers to some frequently asked questions about them.
Limit the number of concurrent sessions that your server will accept with these handy SSH configuration settings.
Google open sources Magika, an AI-powered tool that boosts file type identification accuracy by 30%, helping defenders more easily identify malicious
Cybersecurity breaches are on the rise! Learn why safeguarding your business communication channels is more crucial than ever. Read more
In the wake of an incident, we want to answer the questions "What happened?" and, afterwards, "What should we do differently going forward?" Invariably, this leads to people…
Project post originally published on Kyverno's blog Service meshes are all too common these days in Kubernetes with some platforms even building them into clusters by default. Service meshes are no…
How watching Google evolve distributed transactional databases inspired three engineers to bring these innovations to the enterprise.
AWS Network Firewall is a stateful managed network firewall and intrusion detection and prevention service designed for the Amazon Virtual Private Cloud (Amazon VPC). This post concentrates on automating rule updates in a central Network Firewall by using distributed firewall configurations. If you're new to Network Firewall or seeking a technical background on rule management, […]
GovMarket is a new digital marketplace that can help drive innovation in procurement for public institutions in Germany. Here's how.
Introduction A security or data breach can lead to both financial and reputational losses. Maintaining security and compliance is a shared responsibility between AWS and you (our customer), where AWS is responsible for "Security of the Cloud" and you are responsible for "Security in the Cloud". However, security in the cloud has a much bigger […]
A critical vulnerability (CVE-2020-3259) in Cisco ASA and FTD software has been added to CISA's KEV catalog.
The book âGenerative AI Security: Theories and Practicesâ is a practical exploration of real-world GenAI security challenges.
Learn how organizations can maintain existing VMware skills and operational processes and leverage Azure cloud services to modernize their applications.
A new macOS backdoor dubbed "RustDoor" is targeting cryptocurrency companies.
Discover why mastering data governance is crucial for your organization's digital transformation and cloud computing success.
ReversingLabs launched a binary analysis tool that uses machine learning algorithms to identify risks before and after apps are deployed.
DevOps teams should consider a number of different strategies to ensure apps remain efficient and portable across various chip architectures.
Developers can guide AI to create the kind of clean, secure, reliable code that aids businesses rather than creating costly problems for them.
Explore why Zero Trust lags in adoption despite its benefits, and how cloud platforms offer a practical path forward for organizations.
Cybersecurity breaches are not just a concern for big companies anymore. Learn how NTT Security is bridging the gap, making cybersecurity accessible
A malicious Python script allowing cybercriminals to launch SMS phishing attacks via AWS SNS
Cybersecurity breach in a state government organization! Former employee's account exploited, highlighting critical security gaps.
U.S. government disrupted a botnet comprised of SOHO routers used by the Russia-linked APT28 group for malicious activities.
As a DevOps engineer, learning core git concepts is very essential. In this blog, I will talk about
This post is co-written with Rivlin Pereira, Staff DevOps Engineer at VMware Introduction VMware Tanzu CloudHealth is the cloud cost management platform of choice for more than 20,000 organizations worldwide that rely on it to optimize and govern the largest and most complex multi-cloud environments. In this post, we will talk about how VMware Tanzu […]
CISO Phil Venables explores the research and insights from the latest Google Cloud Threat Horizons report.
Happening on 19 March 2024 in Paris Co-chairs: Dan Garfield, Christian Hernandez, Carlos Santana ArgoCon is the best place to meet Argo maintainers and fellow end users to swap stories, strategies…
KCD post by Daniel Drack In the dynamic realm of cloud technology, the Kubernetes Community Days (KCD) Austria 2023 stood as a beacon, showcasing the vibrant potential of cloud-native solutions.
TAG post originally published on Github by TAG Storage NOTE: this document is available via this link: https://bit.ly/cncf-cloud-native-DR The purpose of this document is to introduce a new way of…
Explore essential defenses and insights from the Midnight Blizzard breach to protect your organization against emerging cyber threats. A guide for strengthening SaaS security.
Based on Lyft's Flyte Kubernetes scheduler, FlyteInteractive connects with VSCode Server inside Kubernetes pods to access resources and large-scale data on the grid.
Russia hackers are using a new backdoor called TinyTurla-NG in a campaign targeting Polish non-governmental organizations
Through the history of computing, we have moved through four major transitions, or âepochs,â and are entering the fifth.
Ivanti Pulse Secure runs on an outdated version of Linux, underscoring the challenges of keeping software supply chains secure.
The QakBot cyberthreat is making a comeback. Bad actors are using QakBot's old tricks in a new phishing campaign.
Generative AI can go to many places that AIOps could never and provides a general-purpose approach that can be applied in many different ways.
Under an early access program, ngrok announced it has made available an API gateway that can be consumed as a service.
Generative AI's main impact on software development will be reducing mundane tasks and giving developers more time to innovate.
2023's cyber attacks put SaaS vulnerabilities in the spotlight. Find out why SaaS is the new supply chain and how to safeguard your organization.
AT&T Cybersecurity discovered phishing attacks conducted over Microsoft Teams. Here are actionable remediation steps to fortify your organization.
The open source reverse proxy and load balancing software also now offers support for Open Telemetry.
GenAI isn't going to run DevSecOps off, but it certainly is making them run down. How can security teams keep up with this speed of code?
Chinese-speaking cybercrime group behind sophisticated banking trojans like GoldPickaxe is targeting iOS and Android users.
A newly discovered privilege escalation vulnerability (CVE-2024-21410) in Microsoft Exchange Server is being actively exploited.
AWS Config advanced queries provide a SQL-based querying interface to retrieve resource configuration metadata of AWS resources and identify resource compliance state. You can use AWS Config advanced queries in a single AWS Account and Region or in a multi-account and cross-region setup with AWS Config configuration aggregators. Writing queries requires you to know SQL […]
Veracode's analysis found that, in more than a million applications, 42% contained flaws that remained unfixed for longer than a year.
With a set of operators, Strimzi extends the Kubernetes API in order to provide a native way to interact with Kafka.
The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing…
Embark on the migration journey from in-tree volumes to CSI-provisioned volumes for enhanced storage management. Check out the provided instructions in this blog if your GKE cluster still utilizes in-tree volumes.
Over time, Enterprises may need to undertake operations or make modifications to their data as part of general data management, to address changing business needs, or to comply with evolving data-management regulations and best practices. As datasets being generated, stored, and analyzed continue to grow exponentially, the need for simplified, scalable, and reproduceable data management […]
Many AWS customers use consolidated billing, and often need to allocate costs across their internal business units or accounts. This can be challenging when dealing with services that are shared by all accounts. For general chargebacks, some customers use cost allocation tags for this purpose. However, at the time of writing this post, there is […]
TAG post by members of TAG security including Marina Moore, Michael Lieberman, John Kjell, James Carnegie, and Luca Bandini Software supply chain policy describes the required components and processes…
Ambassador Post originally published on a personal blog by BMK Lakshminarayanan In the ever-evolving landscape of cloud-native technologies, the journey through innovation, community building…
Major hacking groups tied to Russia, China, North Korea, and Iran are testing AI tools to boost their cyberwarfare.
Cybersecurity researchers have identified a vulnerability in the command-not-found utility on Ubuntu systems.
SEC charges against SolarWinds highlight the critical role of CISOs, raising questions on compliance and transparent cyber defense strategies.
A JumpCloud survey revealed IT pros are excited about the potential positives of AI, but also realize the negative security implications.
Many API attacks are effectively zero-day, novel attacks that exploit recent and unique changes to specific APIs. Here's how to stop them.
Don MacVittie explains we're in the 'dream world' of data - where the cloud-native stack realizes the dream of portable programming.
Small banks are facing big threats in the cyber landscape. With limited resources, how can they protect customer data and assets from sophisticated cy
From ENIAC to quantum: the evolution of computing power revolutionizes industries but prompts post-quantum security measures against sophisticated threats.
Bumblebee, QakBot, Zloader, & PikaBot are back, sneakier than ever. Don't trust those shady emails or downloads.
Cybercriminals exploit a zero-day flaw in Microsoft Defender SmartScreen to target financial traders with sophisticated malware!
Microsoft's latest Patch Tuesday tackles 73 vulnerabilities, including actively exploited zero-days.
Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks.
Legit Security updated its ASPM platform with the ability to detect when developers use generative AI tools to write code.
Akamai's Gecko initiative promises to make it simpler to centrally manage and deploy application workloads on edge computing platforms.
The BMW Group (BMW) is a global manufacturer of premium automobiles and motorcycles, covering the brands BMW, BMW Motorrad, MINI, and Rolls-Royce. Since 2022, BMW has started using AWS to scale its capacity to handle vast increases in needed compute and storage capacity to build and test automated driving features, such as adaptive cruise control, […]
Flink is ushering in a long-imagined era when data can finally be harnessed for on-target insights and informed, instantaneous decision-making.
Announcing the general availability of Azure Elastic SAN, the industry's first fully-managed and cloud-native SAN offering. Learn more.
Access control is essential for multi-tenant software as a service (SaaS) applications. SaaS developers must manage permissions, fine-grained authorization, and isolation. In this post, we demonstrate how you can use Amazon Verified Permissions for access control in a multi-tenant document management SaaS application using a per-tenant policy store approach. We also describe how to enforce the […]
With Azure Carbon Optimization, you can use ready-to-consume insights and recommendations for optimizing your carbon emissions and cloud efficiency. Learn more.
As part of GKE Enterprise, Network Function Optimizer delivers enterprise scale and high data-plane performance for containerized applications.
How Glovo migrated their self-managed VPN solution to AWS Client VPN In this blog post Glovo shares how they migrated their ~4000 TLS virtual private network (VPN) users from their self-managed OpenVPN Amazon Elastic Compute Cloud (Amazon EC2) solution to AWS Client VPN by also integrating with OneLogin for authentication and authorization. Amazon Web Services (AWS) Client […]
Co-chairs: Mark Fussell (Diagrid) , Roland Huss (Redhat), Paul Schweigert (IBM) AppDeveloperCon is for developers and architects at all levels. Traditionally KubeCon is focused on infrastructure…
Member post originally published on SighUp's blog by Simone Ragonesi and Sara Trappetti In this article, we will conduct an in-depth exploration of an impactful vulnerability affecting various…
Delve into the unfolding saga of recent ransomware attacks and learn essential preventive measures to safeguard your business.
Community post by Dave Smith-Uchida, Technical Leader at Kasten, by Veeam Data on Kubernetes is a growing area with databases, object stores and other stateful applications migrating to the platform.
Glupteba botnet has been found to include an undocumented UEFI bootkit feature, enhancing its stealth and persistence capabilities significantly.
PikaBot malware undergoes a dramatic transformation, simplifying its code and communication methods
Unlock insights on FedRAMP baseline transition to OSCAL tools and learn to navigate cloud security compliance effortlessly.
If you're contemplating the daring act of open sourcing your projects, here are some things to know before you set out.
Breaking down code reviews into more manageable portions can yield great benefits including efficiency, security and accuracy.
Password spraying, OAuth hijacking, and nation-state attacks – the cybersecurity world is under siege. Learn how to protect your organization.
DevSecOps helps developers find vulnerabilities earlier in the app development process and ensures stronger software security.
Threat actors exploit Ivanti security flaw to deploy a stealthy backdoor! Learn how CVE-2024-21893 puts your devices at risk.
CISA has identified a medium-severity security flaw affecting Roundcube email software, categorized as CVE-2023-43770.
During AWS re:Invent 2023, we announced the general availability of Knowledge Bases for Amazon Bedrock. With a knowledge base, you can securely connect foundation models (FMs) in Amazon Bedrock to your company data for Retrieval Augmented Generation (RAG). In my previous post, I described how Knowledge Bases for Amazon Bedrock manages the end-to-end RAG workflow […]
Given the ubiquity of digital payments, cutting-edge fintech solutions hinge on seamless and highly available real-time transaction processing. Invariably, this needs the support of a performant, reliable, and secure datastore. And after considering technical requirements, fintech companies know that regulatory and compliance auditing never takes a back seat. Enterprise AWS customer Marqeta needed all of […]
Happy Lunar New Year! Wishing you a year filled with joy, success, and endless opportunities! May the Year of the Dragon bring uninterrupted connections and limitless growth 🐉 ☁️ In case you missed it, here's outstanding news you need to know as you plan your year in early 2024. AWS was named as a Leader […]
This post is co-written with Conor Teer, Senior Software Engineer, at EverQuote, David Kelly, Principal Software Engineer at EverQuote, and Mark O'Connell, SVP of Engineering at EverQuote. EverQuote is a leading online insurance marketplace that helps protect life's most important assets- family, property, and future by simplifying the experience of shopping for insurance, making it […]
A survey found the vast majority of respondents' organizations experienced a software supply chain incident in the past 12 months.
While the potential is staggering, AI development confronts a significant challenge: actually getting it into products.
Amazon Inspector is an automated vulnerability management service that continually scans Amazon Web Services (AWS) workloads for software vulnerabilities and unintended network exposure. Amazon Inspector currently supports vulnerability reporting for Amazon Elastic Compute Cloud (Amazon EC2) instances, container images stored in Amazon Elastic Container Registry (Amazon ECR), and AWS Lambda. Java archive files (JAR, WAR, […]
Quiz #19 was: One morning, you receive an alert about unusual activity within your cloud environment. Upon investigation, you discover that a malicious
PromQL-based alerting policies and our command-line tool for importing dashboards from Grafana are now available in Cloud Monitoring.
Co-chairs: Zack Butcher, Iris Ding Istio Day is the biannual community event for the industry's most widely adopted and feature rich service mesh, where attendees will find lessons learned from…
Member post originally published on Aserto's blog by Omri Gazitt, CEO, Aserto Fine-grained authorization is the process of verifying that a subject (typically a user) has permission to perform an…
Companies aren't ready for quantum computing. If your organization deals with cryptographic assets, here's how to transition to PQC.
Cloud architecture investments are rising, but the developer and database market is experiencing a severe skills shortage.
Researchers found a vulnerability in Rhysida ransomware, enabling them to create a decryption tool for Rhysida-encrypted files.
Looking for a great new DevOps job? Check out these available opportunities at JP Morgan Chase, The Pokémon Company and more!
Understand how hackers exploit social engineering to circumvent MFA and fortify your cybersecurity defenses accordingly.
Explore social engineering, including why threat actors value professional identities and how they manipulate human nature.
CISA teams up with OpenSSF to introduce a framework called "Principles for Package Repository Security," aimed at fortifying open-source software.
Discover how Silverfort's Unified Identity Protection Platform revolutionizes Incident Response by swiftly detecting compromised accounts and bolsteri
Microsoft is introducing Sudo for Windows 11, a new feature that allows users to run commands with administrator privileges.
U.S. Department of State is offering up to $10 million for information on Hive ransomware operators.
U.S. shut down Warzone RAT, a tool used for data theft and remote control. Two individuals face charges.
Incident management, recent vulnerability disclosures, build and release engineering and more this week. Enjoy.
Trust in Numbers: The Pursuit of Objectivity in Science and Public Life by Theodore Porter, Distinguished Professor Emeritus of History, UCLA. There are two general approaches to decision-making. O…
We take a look at Kamal, a Capistrano for containers via Docker. It represents a simpler alternative to Kubernetes or Docker Swarm.
The chroot command creates virtualized copies of a software system, and Atom allows you to do so within a GUI.
A new backdoor called RustDoor is targeting macOS systems. This Rust-based malware, linked to ransomware families, steals sensitive data.
Amazon CloudWatch Internet Monitor provides near-continuous internet measurements for your internet traffic, including availability and performance metrics, tailored to your specific workload footprint on AWS. With Internet Monitor, you can get insights into average internet performance metrics over time, as well as get alerts for issues (health events). You're notified about events that impact your […]
AWS CodePipeline is a managed continuous delivery service that automates your release pipelines for application and infrastructure updates. Today, CodePipeline adds triggers and new execution modes to support teams with various delivery strategies. These features give customers more choice in the pipelines they build. In this post, I am going to show you how to […]
GitGuardian has allied with CyberArk to streamline secrets detection and management by making it easier to share insights.
An AWS Identity and Access Management (IAM) role is an IAM identity that you create in your AWS account that has specific permissions. An IAM role is similar to an IAM user because it's an AWS identity with permission policies that determine what the identity can and cannot do on AWS. However, as outlined in […]
Is it ethical to make an open source product commercial? Your first ethical obligation is to yourself and your employees, say founders.
Now is the time for security practitioners to work on their future.
Raspberry Robin malware has been spotted using new exploits and is now spreading via Discord for wider infection.
Introduction Application modernization involves discovery, analysis, extraction, containerization and deployment of an application migrated to AWS. The AWS Application Migration Service (AWS MGN) simplifies and expedites your migration to AWS by automatically converting your source servers from physical, virtual, or other cloud infrastructure to run natively on AWS. In this post, I use post-launch actions […]
Member post originally published on Nirmata's blog by Jim Bugwadia and Khaled Emara Kyverno is a policy engine designed for Kubernetes and cloud native workloads. Policies can be managed as Kubernetes…
Co-chairs: Sebastian Stadil + TBD OpenTofu Day is the single most concentrated event focused on networking and learning from OpenTofu contributors and community members. Discuss the roadmap…
Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including the exact devices each customer bought, as well as each device's warranty status, service contracts and serial…
Define AI, telehealth, DevSecOps, blockchain, Internet of Things, microservices, and other cybersecurity research topics.
An alternative to Docker, Nix offers cross-platform reproducibility to app deployment, and Flox will offer some much needed management, security and collaboration features.
Enterprise users are looking for a scalable and resilient network-attached storage (NAS) solution with high throughput performance on AWS to support distributed systems running Windows and Linux workloads. Moreover, users like to have flexible deployment models so that storage over the network can be consolidated and managed by the infrastructure account for cost optimization and […]
A new variant of MoqHao Android malware silently auto-executes upon installation, snatching data, and hijacking Wi-Fi.
Orca Research forecasts 2024 cloud security threats: AI platform attacks, supply chain risks, and cloud-native malware. Prioritize these areas for enhanced protection.
Cisco this week expanded the scope of its observability platform by adding predictive and generative AI capabilities and log analytics.
Using a SaaS solution where data is stored on the vendor's infrastructure is like playing a football game at your opponent's home field.
DevOps can use insights from customer intelligence data in addition to its use in business strategy, product development and marketing.
Define what an AWS Service Control Policy (SCP) is, its functionality in a larger governance strategy, and associated challenges.
New banking trojan Coyote targets 61 Brazilian banks. It uses Nim and Node.js for evasion and the Squirrel installer framework for distribution.
Myrror Security offers a way out of vulnerability hell with its reachability-based prioritization. Discover more
While most enterprises lack the expertise to directly utilize eBPF and should opt for tools configured with eBPF and extended layers of functionality, help is on the way this year.
Data privacy and compliance are paramount in the cloud era! Explore how businesses can ensure regulatory adherence while leveraging the benefits.
Stealthy cyber espionage campaign targets Islamic non-profit in Saudi Arabia! Learn how attackers maintained long-term access without detection.
Fortinet has unveiled a critical security flaw in its SSL VPN, CVE-2024-21762, allowing hackers to execute arbitrary code.
Ivanti's latest security advisory unveils a high-severity flaw (CVE-2024-22024) affecting Connect Secure, Policy Secure, and ZTA.
Customers are increasingly seeking an efficient solution to manage their expanding AWS resources, spanning AWS accounts and Regions, amidst changes like mergers, acquisitions, and cloud migrations. AWS Tags offer an effective solution for organizing, identifying, and filtering resources by categorizing them based on criteria such as purpose, owner, or environment. AWS customers would like to […]
Co-Chairs: Liam Randall, Divya Mohan Cloud Native Wasm Day is one of the very first co-located events to bring enthusiasts, practitioners, and subject matter experts to the intersection of two…
Traditional API management strategies fall short for modern environments. Here's what it takes to manage APIs in a better way.
Community post by Michel Murabito (@akelity on GitHub) In a world increasingly dominated by technology, it's crucial to think about how it can coexist in harmony with our planet.
The CNCF Technical Oversight Committee (TOC) has voted to accept Strimzi as a CNCF incubating project. Strimzi is focused on deploying and running Apache Kafka clusters on Kubernetes.
Migrations are complex and involve many teams from all levels of an organization. A 2020 Accenture Cloud Value Study found the top barriers to cloud value realization outlined by 700+ IT leaders were misalignment, legacy infrastructure, and lack of skills. Organizations want to keep their applications secure and compliant as they move to the cloud, […]
Final part of a series on hybrid cloud attacks, showcasing a real-world case & focusing on intelligence-driven responses to sophisticated threats.
IT leaders must give developers and DevOps teams a simplified, trustworthy data architecture if they want modernization efforts to thrive.
Chinese state-sponsored hacking group, Volt Typhoon, infiltrates U.S. critical infrastructure for over five years.
AWS constantly innovates on its customers' behalf and strives to improve customer experience by reducing complexity. With AWS, customers look to spend their time solving business problems without worrying about operating their infrastructure. Amazon Elastic Kubernetes Service (Amazon EKS) on AWS Fargate allows customers to run Kubernetes pods without worrying about creating and managing the lifecycle […]
F5 announced a SaaS edition of its NGINX application networking portfolio, which are now all available under a single enterprise license.
Bill Doerrfeld explores how GitHub approaches DX and instills these traits into its software development culture.
Implement a role-based security training program at your organization so everyone knows their specific roles in maintaining security and compliance.
'Unified' is the buzzword in identity management. Unified identity platforms reduce complexity and accelerate time to value, reshaping the security la
HijackLoader, a loader malware, has undergone updates to its defense evasion techniques, making it stealthier and more complex.
Google starts blocking sideloaded apps in Singapore: This pilot program targets apps that abuse permissions to steal one-time passwords and sensitive
Kobiton is open sourcing a script generation tool for the Appium automation framework that automates the running of test scripts.
North Korean APT Kimsuky caught using new Golang-based info stealer "Troll Stealer" and malware "GoBear," both signed with stolen certificates.
In this blog you will learn about Kubernetes objects, resources, custom resources and their differences in detail. While
Cisco, Fortinet, and VMware have released patches for new critical vulnerabilities in their products. Patch immediately to prevent device takeover.
Moving large volumes of data across your hybrid cloud environments can seem like a daunting task, especially when dealing with a litany of requirements that arise when working within the technical limits of network, storage, compute, and operating system layers, both on-premises and in the cloud. Users face additional challenges when balancing their Recovery Time […]
Customers from around the world often tell me that digital sovereignty is a top priority as they look to meet new compliance and industry regulations. In fact, 82% of global organizations are either currently using, planning to use, or considering sovereign cloud solutions in the next two years, according to the International Data Corporation (IDC). […]
While most software developers are using agile development methodologies in the SDLC, less than half said it is working well.
We're excited to announce that Amazon Web Services (AWS) has completed the 2023 South Korea Cloud Service Providers (CSP) Safety Assessment Program, also known as the Regulation on Supervision on Electronic Financial Transactions (RSEFT) Audit Program. The financial sector in South Korea is required to abide by a variety of cybersecurity standards and regulations. Key […]
AWS Verified Access (AVA) provides secure access to applications from anywhere. AVA removes the need for a VPN, which simplifies the remote connectivity experience for end users and reduces the management complexity for IT administrators. But does the application need to be running in AWS to use AVA? The answer is No. If you have […]
In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum's founders was an attorney who advised Russia's top hackers on the legal risks of their work, and what to do if…
Project post originally published on Paolo Patierno We are very pleased to announce the first StrimziCon, scheduled later this year! This is going to be the first conference focused on our beloved…
This tutorial will walk you through the process of crafting a Dockerfile. This will be a fairly basic Dockerfile, but one you can easily build upon.
Google Cloud provides a suite of powerful networking tools. The "Tour of Cloud Networking" lab introduces the core services with options to learn more.
When an application's resource needs change, in-place resource resize in Kubernetes 1.27 resizes Pod resources without restarting the container.
For non-technical leaders, demystify the process of championing cloud security at non-profits and non-governmental organizations.
U.S. Government shuts down the KV-botnet network, but the operators bounce back by restructuring their operations.
A critical vulnerability (CVE-2023-40547) has been found in the shim bootloader, leaving millions of Linux systems vulnerable to attack.
Explore cost-effective strategies for implementing zero trust in IT. Utilize policy changes and administration tactics to enhance security against malware threats.
By using a Java profiler, developers can gain understanding of the app's performance characteristics and identify areas for optimization.
Don MacVittie asks vendors: Don't tell us how you can control other vendors' tools; tell us how you're making it easier to manage yours.
Discover CSPM best practices for cloud security and compliance. Manage risks, ensure data integrity, and maximize tool efficiency for a resilient cloud infrastructure.
Discover the 5-phase action plan to success as a vCISO. From research to reporting, learn how to navigate the complexities of organizational security
Governments and tech giants such as France, the U.K., the U.S., Google, Meta, and Microsoft have joined forces to combat the misuse of spyware.
Dutch military network hacked by Chinese spies! Hackers exploited a known Fortinet flaw, raising concerns about cyberespionage
Critical Flaw in JetBrains TeamCity On-Premises (CVE-2024-23917) Allows Attackers to Take Over Servers
This post was coauthored by Ben Duffield and Eric Silverberg at Perry Street Software, with contributions from Adam Tucker, Piotr Wald, and Cristian Constantinescu of PSS Introduction You just finished deploying that important change you spent weeks preparing, when you see this email subject in your inbox: Alarm: HTTPCode_Target_5XX_Count. Ugh. The code you have just […]
In June 2023, Amazon Web Services (AWS) introduced a new capability to AWS Key Management Service (AWS KMS): you can now import asymmetric key materials such as RSA or elliptic-curve cryptography (ECC) private keys for your signing workflow into AWS KMS. This means that you can move your asymmetric keys that are managed outside of […]
OpenText updated a static analysis code auditing tool using machine learning to provide deeper insights into on-premises IT environments.
Alexis Richardson, CEO and co-founder of Weaveworks, took to LinkedIn to share the somber news of the company's closing.
Customers host their SAP HANA environments on AWS to run their business-critical processes, such as financial planning, data analytics, and supply chain management. Reliably backing up data in SAP HANA is paramount for users to restore the database in the event of disruptions and urgent business needs. To reliably back up SAP HANA, SAP documentation […]
Legacy monolithic structures, with their rigid scalability, have often caused businesses like Blockbuster to be left behind. Now, businesses can provision resources on-demand, and reduce overheads associated with data center management.
Google Cloud is committed to supporting our customers' compliance with EU DORA. Here's the latest on our DORA support.
Researchers chose GKE for their UM-bridge framework for its ability to orchestrate UQ workloads and distribute tasks with load balancing.
Want to use open-source LLM models from Hugging Face on your local development environment? With localllm and Cloud Workstations, you can.
By Constance Caramanolis, principal software engineer, Splunk, and KubeCon + CloudNativeCon co-chair This is part one of our series on Tackling AI Together. We're looking at this new challenge/
Member post originally published on Zesty's blog by Pini Ben-Nahum When it comes to AWS discount plans, management approaches vary greatly. The often overlooked (Standard Reserved Instance) SRI has a…
Researchers found three security vulnerabilities in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that allow for root access and system d
Cybercriminals use fake Facebook job ads to spread Ov3r_Stealer, a Windows malware. It steals sensitive information.
With non-human access like API keys, OAuth tokens, and service accounts, lack of visibility and governance is everywhere. Dive into the non-human identities attack surface.
It's been 15 years since DevOps came on the scene. But for more traditional enterprises, why does their DevOps transformation seem never-ending?
Here are 10 key features to look for when choosing an AI coding assistant to help automate the tedious aspects of software development.
This merger is particularly significant in its potential to streamline developer workflows and optimize data pipeline management, underpinned by the robust capabilities of Fluent Bit and OpenTelemetry.
Salesforce added the ability to customize API security policies to the Mulesoft Anypoint API management platform.
AI assistants are changing the way code gets made, and much of this is for the better. But what's the impact on code quality?
IBM made its most aggressive move yet in its quest to make Linux mainframes more affordable, with an entry-level platform for $135,000.
Take a closer look at the four key factors to keep in mind when evaluating a CNAPP's cloud workload protection capability.
Protecting your data in the cloud is crucial. Learn how a $10B media firm achieved a 201% ROI with SaaS Security Posture Management.
A new cybercriminal group, ResumeLooters, targets job search platforms in APAC, stealing millions of resumes and personal data.
This post is written by Dennis Kieselhorst, Principal Solutions Architect. The combination of portability, efficiency, community, and breadth of features has made Java a popular choice for businesses to build their applications for over 25 years. The introduction of serverless functions, pioneered by AWS Lambda, changed what you need in a programming language and runtime […]
A recently disclosed SSRF vulnerability (CVE-2024-21893) in Ivanti Connect Secure and Policy Secure products is now under mass exploitation.
U.S. imposes visa restrictions on those involved in illegal surveillance through commercial spyware.
We're excited to announce that Amazon Web Services (AWS) has successfully renewed certification under the Korea Information Security Management System (K-ISMS) standard (effective from December 16, 2023, to December 15, 2026). The certification assessment covered the operation of infrastructure (including compute, storage, networking, databases, and security) in the AWS Asia Pacific (Seoul) Region. AWS was […]
With all the generative AI announcements at AWS re:invent 2023, I've committed to dive deep into this technology and learn as much as I can. If you are too, I'm happy that among other resources available, the AWS community also has a space that I can access for generative AI tools and guides. Last week's […]
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS), and we're pleased to announce that AWS has successfully completed the 2023 Cloud Computing Compliance Controls Catalogue (C5) attestation cycle with 170 services in scope. This alignment with C5 requirements demonstrates our ongoing commitment to adhere to the heightened expectations […]
Introduction AWS Cloud WAN is a managed wide-area networking (WAN) service for building, managing, and monitoring a unified global network, as well as connecting resources running across your cloud and on-premises environments. With AWS Cloud WAN, you have a central place to create and manage your global routing configuration by creating a policy and achieving […]
Former operator of defunct crypto exchange BTC-e faces 25 years in prison for alleged $4 billion money laundering scheme.
Running on Google Cloud lets Salk Institute process and analyze complex biological data at scale, and SkyPilot optimizes the computation.
On December 4, 2023, AWS was named as a Leader in the 2023 Magic Quadrant for Strategic Cloud Platform Services (SCPS). AWS is the longest-running Magic Quadrant Leader, with Gartner naming AWS a Leader for the thirteenth consecutive year. AWS is placed highest on the Ability to Execute axis. SCPS, previously known as Magic Quadrant […]
Member post originally published on Devtron's blog by Kamal Acharya TL;DR: In containerized environments where application are broken down into smaller, manageable components autoscaling plays the…
A Case Study Presented by CodeWhisperer Customizations Amazon CodeWhisperer is an AI-powered coding assistant that is trained on a wide variety of data, including Amazon and open-source code. With the launch of CodeWhisperer Customizations, customers can create a customization resource. The customization is produced by augmenting CodeWhisperer using a customer's private code repositories. This enables […]
The new WebAssembly System Interface (WASI) standard is a step in the right direction, potentially paving the way for WebAssembly to fulfill its hype and promise.
Business-critical applications frequently require high availability to meet Service Level Agreements (SLAs). In addition, users are challenged by compliance requirements and disaster recovery plans to assure workload availability. In many cases, workloads needing high availability also need highly performant, low-latency file storage. Customers who are considering the migration of business-critical application to AWS want to […]
Learn why account takeovers are successful, how to detect and remediate them, and how to protect yourself in the future.
The ever-increasing importance of cloud services plus the lack of available talent means cloud careers will see huge growth in 2024.
Threat actor "Patchwork" uses romance scams to spread espionage apps in India and Pakistan! Learn how they infiltrated Android devices with VajraSpy.
Discover how Cato Networks is revolutionizing cybersecurity with their SASE-based XDR platform! Learn how they simplify threat detection and response.
Looking for a great new DevOps job? Check out these available opportunities at Cognizant, IBM, Workday and more!
The OMB's latest memorandum âModernizing FedRAMPâ emphasizes the need for rapid authorization processes to meet the demands of modern cloud services.
Learn how SecurityHQ's innovative SHQ Response Platform is revolutionizing risk management, with insights from Deodatta Wandhekar.
NSO Group's Pegasus spyware targeted nearly 3 dozen journalists, activists, and lawyers in Jordan.
Arvato Systems developed imagejet, a new cloud-based 3D picture production solution, to offer high-quality mass picture production.
Cybercriminals are targeting Mexican users with a new variant of the Mispadu banking malware, exploiting a patched Windows SmartScreen bypass flaw
An excellent standard library and packaging system, first-class concurrency support and a focus on readability are among the traits that keep Golang devs happy.
Several posts this week covering developer experience and the impact of generative AI tooling, along with a few posts more generally devops in 2024.
Hard-coding is never the answer. Instead, use sshpass when you need to put a password in your Bash script.
U.S. Treasury Department has just imposed sanctions on Iranian officials linked to cyberattacks on critical infrastructure.
Decentralized social network Mastodon has disclosed a critical security flaw that allows malicious actors to impersonate and take over any account.
Discover the details of the recent AnyDesk cyber attack, including the company's swift response to secure its production systems and the steps users s
Introduction Sustainable cloud design requires understanding and minimizing the impacts of architectural decisions. With conscientious cloud architecture, we can innovate rapidly while treading lightly on our shared environment. As cloud computing becomes ubiquitous, it's imperative that we build sustainable cloud architectures that minimize environmental impacts. While cloud economies of scale improve efficiency, our design choices […]
Dive into the non-human identities attack surface, how it's created, how attackers exploit it, and what you can do to minimize your exposure.
A penetration test isn't required to complete a SOC 2 report, but it helps grow your compliance security program.
To implement key management solutions (KMS), organizations must take measures to ensure sensitive information is kept safe. Here are three areas to consider.
Introduction The purpose of this blog post is to show the steps on how to change the lifecycle status of a source server from "Ready for testing" to "Ready for cutover" to bypass the testing steps when using the AWS Application Migration Service (MGN). This approach can be used for specific scenarios where you want […]
February 2, 2024: We've updated this post to fix broken links and added a note on migrating passwords. Customers often ask us how to migrate their on-premises Active Directory (AD) domain to AWS so they can be free of the operational management of their AD infrastructure. Frequently they are unsure how to make the migration […]
Today we're excited to announce the general availability of CDK Migrate, a component of the AWS Cloud Development Kit (CDK). This feature enables users to migrate AWS CloudFormation templates, previously deployed CloudFormation stacks, or resources created outside of Infrastructure as Code (IaC) into a CDK application. This feature is being launched in tandem with the […]
AWS Infrastructure as Code (IaC) enables customers to manage, model, and provision infrastructure at scale. You can declare your infrastructure as code in YAML or JSON by using AWS CloudFormation, in a general purpose programming language using the AWS Cloud Development Kit (CDK), or visually using Application Composer. IaC configurations can then be audited and […]
Using Filestore as an accelerator can accelerate load times for AI/ML workloads running on GKE, improving performance and training time.
By Jorge Castro and Shah Ahmadzai Great news for CNCF projects today! Oracle has donated $3M in Oracle Cloud Infrastructure (OCI) credits for Ampere-ARM based workloads. We are happy to announce that…
KCD post by Sergio Méndez, CNCF Ambassador Cloud Native Guatemala started in 2019 with the goal of rebirthing the spirit of open source communities in the USAC university in Guatemala. It started on a…
Member post originally published on Facets.cloud's blog Speed is critical in the tech world. Organizations want to ship code quickly to gain a competitive edge. However, developers often need more…
Dive into the non-human identities attack surface, how it's created, how attackers exploit it, and what you can do to minimize your exposure.
Russian state-sponsored hackers (APT28) have been conducting sophisticated cyberattacks for over a year, targeting high-value organizations worldwide.
To implement key management solutions (KMS), organizations must take measures to ensure sensitive information is kept safe. Here are three areas to consider.
Introduction Business and technology teams often measure Digital Transformation and use a financial metric as the yardstick of success. This is an output focused approach, for example – if you migrate applications as-is to the cloud and reduce costs, businesses will approve more similar migrations. However, organizations need to take a comprehensive approach and include […]
A free version of Graylog's API security platform is intended to encourage developers to adopt best practices to secure APIs.
Low-code/no-code (LCNC) allows non-technical people to build complex apps without needing to be familiar with traditional software logic.
Over 2,000 Ukrainian computers infected with DirtyMoe malware: This malware is capable of stealing cryptocurrency and launching denial-of-service atta
Getting platform engineering right helps organizations create an environment that drives their teams to develop solutions more efficiently.
A penetration test isn't required to complete a SOC 2 report, but it helps grow your compliance security program.
Cloudzy, cloud infrastructure provider, partnered with Recorded Future for real-time threat intel, proactively shutting down malware and ransomware.
A former CIA software engineer named Joshua Adam Schulte has been sentenced to 40 years in prison for transmitting classified documents to WikiLeaks.
An INTERPOL-led operation named "Synergia" targeted phishing, banking malware, and ransomware attacks.
Cloudflare suffered nation-state attack. Hackers accessed documentation, source code, and attempted data center breach. Read full story for details.
Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct…
HashiCorp is working on an Internal Developer Platform, called Waypoint, which could help developers roll out deployments built on Infrastructure as Code patterns.
Introduction In today's interconnected world, communication faces evolving security threats. From sensitive financial transactions in online banking to secure data transmissions in the automobile industry, ensuring trust and authenticity between businesses is becoming more and more critical. This is where Mutual Transport Layer Security (mTLS) can be an option to offer enhanced security through advanced […]
A thought leadership blog highlighting an "innovative approach" to Cloud Operations excellence and Well-Architected goals. This blog walks you through MuleSoft carrying out this new approach including their: Challenge Innovation Journey Implementation of the Cloud Operating Model Challenge Whether companies are migrating to the cloud, or cloud-native, executives are faced with controlling costs and continuous […]
OX Security updated its ASPM platform to enable DevSecOps teams to instantly identify applications with vulnerable code.
Attackers could use a security hole in the open source runc container runtime engine — used by Docker and others — to gain control of the host machine.
Learn how Synthesized uses generative AI to create privacy-preserving snapshots of BigQuery datasets.
Cloud Storage FUSE CSI driver lets you use the Kubernetes API to consume pre-existing Cloud Storage buckets as persistent volumes.
KCD post by Matteo Bianchi, Marcel Kerker and Carlos Mestre del Pino Less than a year ago some of us attended our first Kubernetes Community Day ever, in Amsterdam and we would never have guessed that…
Community post originally published on DZone by Nigel Douglas In highly dynamic cloud-native environments, the traditional Threat Detection and Response (TDR) approaches are increasingly showing their…
FritzFrog Malware Returns with Log4Shell Twist, Targeting Your Internal Systems Patch now & avoid becoming the next victim
Cycode discovered a command injection vulnerability in the way GitHub Actions updated Google's open source Bazel project.
A cryptojacking campaign called Commando Cat is exploiting exposed APIs
Dive into a critical vulnerability, dubbed 'Looney Tunables,' affecting the popular GLIBC ecosystems to see why it happened and how to detect and mitigate it.
Here's how companies can keep multi-cloud challenges like complexity and unexpected costs at a minimum and fuel innovation in the cloud.
Azure cost management helps you gain insights into your Azure spending and offers personalized recommendations for cost optimization.
Measuring the right things can help you prioritize, fix, and report with confidence. Learn the 5 key metrics for effective vulnerability management.
New HeadCrab 2.0 malware is using fileless techniques to turn Redis servers into a botnet for illegal cryptocurrency mining.
U.S. government took down a China-linked 'KV-botnet' malware network that hijacked hundreds of SOHO routers to target critical infrastructure.
In security chaos engineering, experiments are introduced intentionally to ensure cybersecurity systems and processes work correctly.
Chinese hackers are exploiting zero-days in Ivanti VPNs, stealing sensitive data
Critical Apple kernel bug in iOS, macOS, and more exploited in the wild. CISA urges FCEB agencies to patch by February 21st.
Dive into a critical vulnerability, dubbed 'Looney Tunables,' affecting the popular GLIBC ecosystems to see why it happened and how to detect and mitigate it.
In security chaos engineering, experiments are introduced intentionally to ensure cybersecurity systems and processes work correctly.
The telecommunications industry has undergone major technological changes in recent years, and the extensive data generated by telecom operations demands strategic handling. According to a McKinsey survey, over 50% of telecom companies said they were moving more assets to the cloud, including many business-critical applications such as business support systems (BSS). Telecom companies must prioritize […]
Recently, we launched a new AWS Cloud Development Kit (CDK) construct for Amazon DynamoDB tables, known as TableV2. This construct provides a number of new features in addition to what the original construct offered, enabling CDK authors to create global tables, simplifying the configuration of global secondary indexes and auto scaling, as well as supporting […]
Calyptia not only had expertise of Fluentd, but also a razor-sharp focus on the top-end of the market for observability.
Announced by Werner Vogels in his 2023 re:Invent Keynote, Generative AI CDK Constructs, an open-source extension of the AWS Cloud Development Kit (AWS CDK), provides well-architected multi-service patterns to quickly and efficiently create repeatable infrastructure required for generative AI projects on AWS. Our initial release includes five CDK constructs enabling key generative AI capabilities like […]
Building and training generative artificial intelligence (AI) models, as well as predicting and providing accurate and insightful outputs requires a significant amount of infrastructure. There's a lot of data that goes into generating the high-quality synthetic text, images, and other media outputs that large-language models (LLMs), as well as foundational models (FMs), create. To start, […]
Critical Container Exploits Found in runC. These flaws allow attackers to break out of containers and access sensitive data or launch further attacks.
Dynatrace unfurled a Dynatrace OpenPipeline that makes it possible to apply analytics to multiple types of data sources in real time.
Deeper financial analysis and earlier strategic thinking will result in a hybrid cloud deployment that delivers clearer ROI.
In 2023, storage advancements and investments were made aligning with customer workload patterns, cloud computing trends, and the evolution of AI. Learn more.
Ambassador post by Savitha Raghunathan We are excited to announce the release of Konveyor 0.3.0! This version introduces significant features like the Multi-Language Analyzer, Custom Assessment Module…
In this newsletter, guest columnist Yousif Hussin, from our Vulnerability Coordination Center, explores executive lessons from our response to critical zero-day vulnerabilities like Reptar.
Financial institutions need to prioritize payment solutions that minimize disruption to existing IT infrastructure.
Two high-severity vulnerabilities found in Ivanti's Connect Secure, Policy Secure, and Neurons for ZTA.
Improve your cybersecurity strategy in the age of AI with our insights. Discover why GenAI risk requires an evolutionary, not revolutionary, response.
The more you can upskill and empower existing in-house development efforts, the more value you will bring to the business.
Threat actors can launch mass phishing attacks for as low as $230 using Telegram's dark marketplace of tools and victims' data.
Don MacVittie believes we've made progress integrating security across the SDLC, but there's still a ways to go.
In the context of a persistent and evolving cyber threat, the EU aims to strengthen the defense lines of the financial sector with the Digital Operational Resilience Act (DORA).
The Cloud Native Computing Foundation has anointed CloudEvents as a graduated project, but Microsoft and others are already using the technology in large event-driven architectures.
UNC4990 is using weaponized USB devices as an initial infection method to target organizations in Italy.
Heads up, CISOs! The SEC just dropped new cybersecurity regulations for SaaS. Data breaches in the cloud now matter – big time.
The first on the African continent, the Johannesburg Google Cloud region provides low-latency cloud services to accelerate digital transformation.
Chinese nation-state hacker group UTA0178 weaponized Ivanti VPN vulnerabilities to deploy the Rust-based KrustyLoader, cryptocurrency miners.
A recently disclosed flaw in the GNU C library can give hackers full root access to Linux machines.
Introduction The "Elastic" in Amazon Elastic Kubernetes Service (Amazon EKS) refers to the ability to "acquire resources as you need them and release resources when you no longer need them". Amazon EKS should scale to handle almost all workloads but we often hear questions from Amazon EKS customers like: "What is the maximum number of […]
Introduction The "Elastic" in Amazon Elastic Kubernetes Service (Amazon EKS) refers to the ability to "acquire resources as you need them and release resources when you no longer need them". Amazon EKS should scale to handle almost all workloads but we often hear questions from Amazon EKS customers like: "What is the maximum number of […]
In the context of a persistent and evolving cyber threat, the EU aims to strengthen the defense lines of the financial sector with the Digital Operational Resilience Act (DORA).
Improve your cybersecurity strategy in the age of AI with our insights. Discover why GenAI risk requires an evolutionary, not revolutionary, response.
Financial institutions need to prioritize payment solutions that minimize disruption to existing IT infrastructure.
Companies from different industries use data to help their Artificial Intelligence (AI) and Machine Learning (ML) systems make intelligent decisions. For ML systems to work well, it is crucial to make sure that the massive datasets used for training ML models are of the highest quality, minimizing noise that can contribute to less-than-optimal performance. Processing […]
A look into ISO 42001's AI risk management features, unique safeguards, and structure.
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key…
Introduction With this release, Amazon Elastic Container Service (Amazon ECS) integrates with AWS Private Certificate Authority (CA) and automates the process of issuing, distributing, and rotating certificates, which makes it simple for customers to secure traffic between services without adding extra operational workload. Now Amazon ECS Service Connect customers can encrypt service-to-service communication using Transport […]
Introduction In the software development sphere, immediate evaluation of every code adjustment and deploying pull requests to active environments for immediate preview and feedback is essential. This practice is instrumental in reducing post-deployment issues and operational disruptions, underscoring the urgency for dedicated preview environments. Without these environments, the risk of merging unassessed features into the […]
Figure 1 – Break free from analysis paralysis In today's dynamic landscape, companies are seeking faster time-to-value for their business initiatives through cloud adoption. As businesses evolve and embrace digital transformation, application modernization becomes a critical aspect of their cloud journey and an imperative for value creation. Modernizing your applications helps you reduce costs, gain […]
ANima added an ability to personalize the code its generative AI platform creates based on how an app is described.
As part of our commitment to transparency within the cloud native community, we are providing an inside look into the work that goes on behind the scenes to bring the KubeCon + CloudNativeCon schedule…
Hackers could write ANY file on your GitLab server while creating a workspace. This critical flaw (CVE-2024-0402) affects all versions.
Brazilian law enforcement has taken down a major cybercrime ring behind the notorious Grandoreiro banking trojan
Today we're previewing a new chat experience for AWS Glue that will let you use natural language to author and troubleshoot data integration jobs. Amazon Q data integration in AWS Glue will reduce the time and effort you need to learn, build, and run data integration jobs using AWS Glue data integration engines. You can […]
Directly invoking AWS AppSync GraphQL API targets from EventBridge simplifies and streamlines integration between these two services, ideal for notifying a variety of subscribers of data changes in event-driven workloads. You can also take advantage of other features available from the two services.
Did you know that demand for electricity from data centers and artificial intelligence applications could more than double over the next three years? It's true. Apparently there's a lot more we need…
The ever-changing digital environment is driving the evolution of cybersecurity threats. Here are eight notable trends that will be top-of-mind in 2024.
Over the coming year, CloudBolt plans to infuse AI into the FinOps capabilities it provides via its IT management platform.
Silver Spring, Maryland, January 30th, 2024, Cyberwire Aembit Becomes the First Workload IAM Platform to Integrate with the Industry-Leading CrowdStrike
Chinese hackers Mustang Panda caught red-handed targeting Myanmar's Ministry of Defence and Foreign Affairs
Accessing on-premises resources with workers controlled via Step Functions using MQTT and AWS IoT Core is a secure, reactive, and cost effective way to run on-premises jobs. Consider updating your hybrid workloads from using inefficient polling or schedulers to the reactive approach described in this post.
Jenkins remains a powerful CI/CD tool in 2024.
Using LLMs to migrate from Jenkins, GitLab or Azure pipelines to Tekton pipelines can be a strategic DevOps choice.
CNAPP helps orgs evaluate cyber risk across multiple cloud technologies & providers, informing security and compliance measures.
Cybersecurity is a continuous battle. Discover the top 6 vulnerabilities organizations should address
Italy's data watchdog accuses ChatGPT of violating EU privacy laws by collecting sensitive data and exposing children to inappropriate content.
ZLoader malware resurfaces after 2 years, targeting Windows systems with ransomware.
Patch your Juniper firewalls now! 2 critical vulnerabilities (CVE-2024-21619, CVE-2024-21620) could let attackers steal data or even take control.
The ever-changing digital environment is driving the evolution of cybersecurity threats. Here are eight notable trends that will be top-of-mind in 2024.
A look into ISO 42001's AI risk management features, unique safeguards, and structure.
CNAPP helps orgs evaluate cyber risk across multiple cloud technologies & providers, informing security and compliance measures.
Toronto, Canada, January 29th, 2024, Cyberwire In an era where online threats no longer discriminate by business size, Control D, powered by Windscribe
Introduction Generative AI is not only transforming the way businesses function but also accelerating the pace of innovation within the broader AI field. This transformative force is redefining how businesses use technology, equipping them with capabilities to create human-like text, images, code, and audio, which were once considered beyond reach. Generative AI offers a range […]
This past week our service teams continue to innovate on your behalf, and a lot has happened in the Amazon Web Services (AWS) universe. I'll also share about all the AWS Community events and initiatives that are happening around the world. Let's dive in! Last week's launches Here are some launches that got my attention: […]
AWS Config assesses, audits, and evaluates the configurations and relationships of your resources in your AWS account. Why might we want to use this service for cost optimization? Well consider a scenario where we can be alerted if a specific Amazon Relational Database Service (Amazon RDS) instance is deployed in the account. If a larger […]
Through the Helios acquisition, Snyk plans to add an ability to capture app runtime data to extend the capabilities of its ASPM platform.
This spinoff from the Docker Build remote build service, Docker Build Cloud, is a fully managed service that can speed build times by up to 39 times.
Community post originally published on Medium by Sagar Parmar Backstage is an open-source platform for constructing Internal Developer Portals (IDPs). Internal Developer Portals serve as a one-stop…
TAG post by Michel Murabito, Marta Paciorkowska, Kristina Devochko, and Leonard Pahlke For the first time, during the week 9th-15th October 2023, CNCF TAG Environmental Sustainability organized a…
Unlock the path to CISO success by delving into the critical traits and challenges faced in the dynamic world of cybersecurity leadership.
Companies have been collecting user data to offer new products, recommend options more relevant to the user's profile, or, in the case of financial institutions, to be able to facilitate access to higher credit lines or lower interest rates. However, personal data is sensitive as its use enables identification of the person using a specific […]
Amazon VPC IP Address Manager (IPAM) is a VPC feature that allows you to plan, track, and monitor IP addresses for your AWS workloads. Until now, VPC IPAM allowed you to allocate CIDR blocks and monitor them at the VPC level. With a recent feature enhancement in VPC IPAM, you can now manage CIDR allocations […]
Although mainframe platforms still release new capabilities, customers are dealing with core-business application stacks that have accumulated substantial technical debt over decades. Applications use outdated technical components, interfaces, patterns, and data formats. This technical debt is the main factor causing negative impacts on release cycles, maintenance costs, and business outcomes. This critical issue can be […]
Hackers can remotely steal your Windows login NTLM passwords through a vulnerability in Outlook's calendar feature.
Quantum finance holds great potential. However, quantum computing also poses a threat to traditional cryptographic systems which banks rely on.
DX promises a more satisfied workforce, reduced burnout and lower employee churn. But can improving developer experience also reduce costs?
Looking for a great new DevOps job? Check out these available opportunities at Rackner, Cogility Software and more!
Uncover the latest findings in SaaS security, informed by Wing's extensive data analysis and AI insights.
As the threat landscape and the incidence of costly cyber attacks evolves, adopt advanced Security Orchestration and Automated Response.
AI arms race in cybersecurity: From spam filters to spear phishing, AI is both defender and weapon. Learn how Cylance AI is staying ahead of the game,
Faust, the untargeted ransomware variant, highlights the need for comprehensive protection.
NSA admits purchasing Americans' internet data from shadowy brokers, bypassing court orders.
Malicious code hiding in seemingly innocent PyPI packages steals your passwords, crypto & more
We're excited to announce that Amazon Web Services (AWS) has completed its fifth annual Collaborative Cloud Audit Group (CCAG) pooled audit with European financial services institutions under regulatory supervision. At AWS, security is the highest priority. As customers embrace the scalability and flexibility of AWS, we're helping them evolve security and compliance into key business […]
As the threat landscape and the incidence of costly cyber attacks evolves, adopt advanced Security Orchestration and Automated Response.
Unlock the path to CISO success by delving into the critical traits and challenges faced in the dynamic world of cybersecurity leadership.
Quantum finance holds great potential. However, quantum computing also poses a threat to traditional cryptographic systems which banks rely on.
Posts on addressing the fear of automation, continuous integration and what 2024 has in store for Devops, plus tools for managing repos at scale, synthetic monitoring and API definition.
I've occasionally wondered what's behind Slack's
If you are looking to create a encrypted tunnel from one Linux instance to another, the bet choice is SSH port forwarding.
Mexican banks under attack! Spear-phishing campaign using modified AllaKore RAT targets large companies.
Amazon Inspector is an automated vulnerability management service that continually scans Amazon Web Services (AWS) workloads for software vulnerabilities and unintended network exposure. Amazon Inspector has expanded capability that allows customers to export a consolidated Software Bill of Materials (SBOM) for supported Amazon Inspector monitored resources, excluding Windows EC2 instances. Customers have asked us to […]
Step-by-step instructions on how to set up a backup environment, create a backup job, and restore a database from a backup.
Google Kubernetes Engine supports multiple techniques to reduce cold start latency, so you can deliver responsive services - even while autoscaling.
Member post originally published on Fairwinds' blog by Joe Pelletier Kubernetes adoption continues to grow, enabling organizations to automate the deployment, management, and scaling of containerized…
In this post, we share the key announcements related to security, identity, and compliance at AWS re:Invent 2023, and offer details on how you can learn more through on-demand video of sessions and relevant blog posts. AWS re:Invent returned to Las Vegas in November 2023. The conference featured over 2,250 sessions and hands-on labs, with […]
For DevOps teams, serverless computing brings a paradigm shift in how applications are built, deployed and managed.
With the new SEC disclosures rule, material cybersecurity incidents need to be disclosed in 4 days. It's time to strengthen your cybersecurity processes.
SmartBear acquired Reflect, a provider of a no-code web app testing platform that leverages generative AI to create and execute tests.
Uncover the truth about cloud security knowledge gaps. Discover the top 3 identity risks.
Castle walls for the digital age: Defense-in-Depth is the medieval fortress of cybersecurity. But even fortresses fall.
IaC allows for the deployment, management and scaling of infrastructure through machine or direct-to-machine code.
Malicious Google ads for banned messaging apps like Telegram are dropping RATs on devices.
Russian national Vladimir Dunaev sentenced to 5 years and 4 months for TrickBot malware involvement.
Microsoft confirms Russian hackers who breached them in November are now targeting more organizations.
Cisco's Unified & Contact Center solutions have a CRITICAL flaw (CVE-2024-20253) allowing remote attackers to take control.
It is often challenging to consistently apply resource tags that deliver organizational benefits such as accurate cost allocation and granular access controls. Organizations often face issues with cleaning up resources in lower environments created by developers during early stages of development and testing. Without proper tagging, it can be difficult to identify experimental resources created […]
It is often challenging to consistently apply resource tags that deliver organizational benefits such as accurate cost allocation and granular access controls. Organizations often face issues with cleaning up resources in lower environments created by developers during early stages of development and testing. Without proper tagging, it can be difficult to identify experimental resources created […]
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole…
With the new SEC disclosures rule, material cybersecurity incidents need to be disclosed in 4 days. It's time to strengthen your cybersecurity processes.
Uncover the truth about cloud security knowledge gaps. Discover the top 3 identity risks.
Amazon Lightsail is the easiest way to get started on AWS, allowing you to get your application running on your own virtual server in a matter of minutes. Lightsail bundles all the resources you need like memory, vCPU, solid-state drive (SSD), and data transfer allowance into a predictable monthly price, so budgeting is easy and […]
Amazon Web Services (AWS) is pleased to announce the issuance of the Criteria to Assess the Information Security of Cloud Services (PiTuKri) International Standard on Assurance Engagements (ISAE) 3000 Type II attestation report. The scope of the report covers a total of 171 services and 29 global AWS Regions. The Finnish Transport and Communications Agency […]
Quiz #17 was: You're working in a GitOps environment where developers use Helm charts to manage Kubernetes deployments. One day, a developer makes a
Diffblue has integrated its automated unit testing platform for Java with the DevSecOps platform from GitLab.
This year's trends in DDoS attacks reveal a complex and evolving threat landscape. Learn more.
New Relic Pathpoint enables DevOps teams to better understand the potential business impact of any change to an IT environment.
Custom Organization Policies is now generally available. The powerful new extension to Org Policies can create granular resource policies to address cloud governance requirements.
Platform engineers can influence API development by following best practices and implementing DevOps design patterns.
CNCF is delighted to announce the finalized schedule for KubeCon + CloudNativeCon Europe 2024 in Paris, France from 19 to 22 March. From AI to WASM, eBPF, and environmental sustainability, KubeCon +…
Community post by Brandon Wick View the full Edge Native Application Design Behaviors Whitepaper Cloud native application design best practices have been well established, with a notable example being…
Continuous Controls Monitoring provides real-time insights via automation, data-driven governance, and proactive risk mitigation.
Member Community post originally published on Humanitec's blog by Kaspar von Grünberg, CEO at Humanitec Platform Orchestration might be a relatively new concept, but it is going to radically transform…
Cybersecurity experts reveal the inner workings of SystemBC's command-and-control (C2) server, a dangerous malware available on the dark web.
DevOps security (DevSecOps) is about breaking down silos and promoting open collaboration across teams with the ultimate goal being security.
Learn how the shared responsibility model is applied to security, governance, compliance, and BC/DR in cloud computing.
Success as a DevOps engineer requires understanding how the field evolved and what are the best practices and skills needed today.
The explosion of new AI APIs, libraries and frameworks has the potential to increase technical debt and overwhelm DevOps teams.
APT10, a Chinese nation-state hacking group, has updated its LODEINFO backdoor to target Japanese organizations with fileless malware.
Critical Jenkins RCE vulnerability (CVE-2024-23897) discovered. Hackers can remotely control your CI/CD pipelines.
Discover intelligence-driven incident response strategies to outsmart cloud attackers. Real-world insights for effective defense.
Get the Axur report's comprehensive analysis & actionable insights to navigate the evolving cyber threat landscape
China-linked group called Blackwood is hijacking updates for popular apps like Tencent QQ & WPS Office to inject their sophisticated "NSPX30" spyware
New Go-based CherryLoader Malware Mimics Note-Taking App, using a spooky fileless technique called process ghosting to run exploits.
Major Tech Giant HP Enterprise Hacked by Russian Intelligence Group Linked to DNC Breach
Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. The malicious ads, which appear above organic search results and often precede links to legitimate…
Continuous Controls Monitoring provides real-time insights via automation, data-driven governance, and proactive risk mitigation.
Discover intelligence-driven incident response strategies to outsmart cloud attackers. Real-world insights for effective defense.
Learn how the shared responsibility model is applied to security, governance, compliance, and BC/DR in cloud computing.
IDC determined that Google Cloud's SecOps platform delivers ROI of 407% over three years, with a payback period under 7 months.
Today, we are delighted to announce the launch of the AWS Well-Architected Migration Lens White Paper. The Migration Lens extends the Well-Architected Framework to include best practices and implementation guidance that you can apply to your migration program across the three migration phases: Assess, Mobilize, and Migrate. Since 2015, the AWS Well-Architected Framework has been […]
A survey found only 20% of IT and security professionals are confident in their ability to detect a vulnerability before an app is released.
Community post originally published on Ash Sharma's personal blog On the wall across from my desk, I've got badges from all the conferences I've been to. The collection has grown quite a bit over the…
At KubeCon + CloudNativeCon Europe, we will be holding our first-ever hackathon, CloudNativeHacks. The Paris edition is focused on hacking for a more sustainable future. CNCF is collaborating with the…
FBot: A unique Python-based hacking tool targeting web servers, cloud services, AWS, Office365, PayPal, Sendgrid, and Twilio.
Garbage collection has become a standard feature for WebAssembly in its development, showing progress on many fronts. But what is
Cybersecurity researchers have discovered a critical loophole in Google Kubernetes Engine (GKE) that could potentially be exploited by threat actors
Policymakers in the European Union have reached a provisional agreement on new rules to govern AI models. Here are 10 things to know about the new EU AI Act.
Configuration-as-code allows for a version-controlled, reproducible and automated method of managing environments.
Venafi added an ability to prevent unauthorized code from running in IT environments that use its machine identity management platform.
Agile doesn't excuse bad communications, and DevOps is not short for 'random change on a whim.' Don MacVittie explains.
Kasseika, the latest ransomware kid on the block, is using a sneaky trick called BYOVD to disarm your defenses before encrypting your files! It even
Learn how you can regain control of SaaS security and governance with a scalable solution purpose-built for the modern workforce.
A âwhole-of-stateâ security strategy fosters collaboration across the entire state, in a way that spans every geographical region and level of government.
Open Source Boon or Bane? Your Code's Hidden Vulnerabilities Exposed! Traditional SCAs fall short against stealthy supply chain attacks.
Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian hacker tied to Medibank attack, data of 9.7M exposed.
GoAnywhere users, listen up! Critical bug (CVE-2024-0204) lets anyone become admin. Update to 7.4.1 immediately.
I've just started reading Trust in Numbers: The Pursuit of Objectivity in Science and Public Life by the historian of science Theodore Porter, and so far it's fantastic. The first chapt…
FBot: A unique Python-based hacking tool targeting web servers, cloud services, AWS, Office365, PayPal, Sendgrid, and Twilio.
Introduction The Amazon Elastic Kubernetes Service (Amazon EKS) team is pleased to announce support for Kubernetes version 1.29 in Amazon EKS, Amazon EKS Distro, and Amazon EKS Anywhere (v0.19.0). The theme for this version was chosen for the beautiful art form that is Mandala—a symbol of the universe in its perfection. Hence, the fitting release […]
Mobb added an ability to instantly surface patches for vulnerabilities at the time when code is being committed during a DevSecOps workflow.
VMware's roots are everywhere, and pulling them up is going to unearth a lot of dirt. The acquisition seriously changes the relationship customers will have with the new version of the company going forward.
Legit Security expanded the scope of its ASPM platform to make use of AI to discover vulnerable application secrets more accurately.
The case for applying the Operator Pattern to database migrations.
Red Hat's Markus Eisele says that in an IT world of AI, security concerns, and regulations, internal developer platforms lift many of the mundane tasks.
Community post by Danielle Cook and Simon Forster, CNCF Ambassadors and members of the Cartografos Working Group The last year has seen cloud native projects put on hold, layoffs announced…
Member post originally published on DZone's blog by Sameer Danave In this article, learn about the influence of AI, key tech predictions, and the evolving landscape in cloud infrastructure.
Dr. David L. Mills, the visionary behind the Network Time Protocol (NTP) that synchronizes time across billions of devices globally, has died.
Massive "Criminal Affiliate Program" Exposed: VexTrio Brokers Traffic for 60+ Cybercriminals, Including ClearFake & SocGholish.
This is a guest post co-written with Roshan Raj, Cloud Network Specialist at ZS Associates In this blog post, we will highlight challenges faced by ZS to keep cost under control while managing a large, complex global network infrastructure which spans across multiple AWS Regions. We will show how ZS used Network Orchestration for AWS […]
This post explores ways to provide mutual TLS authentication for private API Gateway endpoints. A previous post shows how to achieve this using a self-managed NGINX proxy. This post simplifies the architecture by using the native mTLS support now available for Application Load Balancers.
From the death of the modern data stack sprawl to the birth of generative AI, 2024 is the beginning of a new era in infrastructure tech.
Did you download Warbeast2000 or Kodiak2k from npm? If so, your SSH keys might be compromised! These packages steal keys & upload them to GitHub.
End-user behaviors are the primary cause behind SaaS security incidents. Help your end-users avoid falling for these common SaaS threats.
Network APIs can open up innovations for industrial robots, real-time streaming of immersive video using multiple cameras and much more.
Malicious "Activator" booby-traps DMG files on macOS, tricking users into granting admin access. It then steals crypto wallet data and system info.
DDoS Attacks Doubled in Size in Just 2 Years! 46% of DDoS attacks target the gaming industry, disrupting gameplay and costing companies millions.
As organizations move data to the cloud, a key challenge is segregating their cloud environments. Explore the importance of segregation in the cloud.
The Observability Query Language Standard working group seeks to establish a unified standard for observability languages.
Cyber Crime Marketplace Mastermind, 21, Walks Free (Mostly). Fitzpatrick, creator of BreachForums, avoids prison but faces strict monitoring.
In this comprehensive ingress guide, you will learn how to setup Nginx ingress controller on Kubernetes and configure
Hackers are actively exploiting a critical Atlassian Confluence flaw (CVE-2023-22527) within days of its reveal.
Apple fixes first "in-the-wild" zero-day of 2024. Update iPhones, iPads, and Macs NOW!
Introduction Since its first appearance on AWS in 2015, Red Hat OpenShift service on AWS (ROSA) has had a similar architecture. Regardless of it being OpenShift 3 or OpenShift 4, self-managed OpenShift Container Platform (OCP), or managed ROSA. All this time customers query the Control Plane existing within their AWS account and explore getting the […]
Chronosphere has acquired Calyptia to add additional pipeline management capabilities to its observability platform.
New York, U.S.A., January 22nd, 2024, Cyberwire Memcyco will showcase its solutions at Deloitte's annual Cyber iCON event, demonstrating how organizations
Enterprises often have an identity provider (IdP) for their employees and another for their customers. Using multiple IdPs allows you to apply different access controls and policies for employees and for customers. However, managing multiple identity systems can be complex. A unified authorization layer can ease administration by centralizing access policies for APIs regardless of […]
This post was co-authored with Thiru Bhat, Director CSO-CM, Office of the CTO, VMware VMware has been developing virtualization software since 1998. Headquartered in Palo Alto, California, the company is known for its application modernization, cloud, networking, security, and digital workspace offerings. They require a thorough and all-encompassing approach to ensure that corporate controls and […]
As usual, a lot has happened in the Amazon Web Services (AWS) universe this past week. I'm also excited about all the AWS Community events and initiatives that are happening around the world. Let's take a look together! Last week's launches Here are some launches that got my attention: Amazon Elastic Container Service (Amazon ECS) […]
Java & Android Libraries Vulnerable: New "MavenGate" Attack Hijacks Apps! Hackers exploit abandoned libraries to inject malicious code
North Korea's ScarCruft targeting media & experts! A new attack campaign using fake threat reports & infected ZIPs aimed at gathering intel on North
CISO Phil Venables explains in his newsletter how new breach disclosure rules from the SEC can help business leaders achieve a more mature security posture.
Managed Service for Prometheus now lets you instrument an application with metrics once, and deploy it on Compute Engine, GKE, or Cloud Run.
We're excited to announce that Amazon Web Services (AWS) has completed the first cloud service provider (CSP) audit by the Ingelheim Kreis (IK) Initiative Joint Audits group. The audit group represents quality and compliance professionals from some of our largest pharmaceutical and life sciences customers who collectively perform audits on their key suppliers. As customers […]
Ambassador post originally published on Logz.io's blog by Dotan Horovits With 2023 drawing to a close, the final OpenObservability Talks of the year focused on what happened this year in open source…
Okta's State of Zero Trust report shows how healthcare, the public sector, financial services, and software companies fared in 2023.
The Executive Order on the Safe, Secure, and Trustworthy Development and Use of AI informs genAI best practices. Here are a few key topics it covers.
Looking for a great new DevOps job? Check out these available opportunities at Tesla, University of Wisconsin and more!
Take a look at PCI DSS 4.0 and how the updated version can help your organization strengthen its security program.
A global survey of site reliability engineers (SREs) found diagnosing issues is the most difficult aspect of incident management.
52% of Serious Vulnerabilities We Find are Related to Windows 10 | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.
Alert! New Java malware "NS-STEALER" uses bots to steal your logins and wallet data from popular browsers and exfiltrates secrets via Discord.
FTC clamps down on InMarket for selling precise location data without consent
alert! Critical vulnerability still being exploited for ransomware, rootkits, and more.
A great excerpt from the new book Deming's Journey to Profound Knowledge to kick things off this week, alongside posts on user centred IT, measuring developer productivity, environment provisioning, DSL geekery and more. Enjoy.
This is either a set of SRE interview topics or the squares for the SRE bingo card.
If you do any remote Linux work with the Secure Shell, you shouldn't assume that it's locked down by default. Here is how to set up key authentication.
A China-linked cyber espionage group called UNC3886 has been exploiting a zero-day vulnerability in VMware vCenter Server (CVE-2023-34048).
CISA issues emergency directive against two major zero-day actively exploited flaws in Ivanti products.
Microsoft discloses Russian APT infiltrated its systems through a test account, stealing emails and attachments of senior executives.
TA866 is back with thousands of invoice-themed, booby-trapped emails targeting users with WasabiSeed and Screenshotter malware.
Amazon Elastic Container Service (ECS) deploys and manages your containerized tasks on AWS infrastructure. Customers can avoid the need to maintain compute instances by using Amazon ECS to deploy tasks on serverless AWS Fargate capacity. But some customers prefer to use Amazon ECS with Amazon Elastic Compute Cloud (Amazon EC2) as capacity. Using Amazon EC2 […]
Amazon Web Services is pleased to announce that eight additional AWS services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) v4.0 certification: AWS AppFabric Amazon Bedrock AWS Clean Rooms AWS HealthImaging AWS IoT Device Defender AWS IoT TwinMaker AWS Resilience Hub AWS User Notifications Coalfire, a third-party […]
A Canadian man who says he's been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve "triangulation fraud," which occurs when a consumer purchases something online -- from a seller…
Kubernetes is great for deploying microservices, but tracking them once deployed can be a challenge. Get information from logs faster with Duet AI.
Ambassador post by Saim Safdar Implementing Multi-tenancy patterns is becoming increasingly prominent helping drive maximizing resource utilization, reducing operational overhead…
Member post by DatenLord Why is deduplication of commands necessary? In a system that receives external commands, it is common for a command to be executed at least once, which we refer to as at-least…
Community post by Christian Hernandez, head of community, Akuity GitOpsCon Europe 2023 took place, virtually, on December 5th and 6th. It took place as multiple tracks, spread over two half days.
Clarify the definitions of 10 cybersecurity terms and take your first steps toward a more robust security posture.
New Grafana tools like Adaptive Metrics and the Cost Management Hub help organizations better deal with the deluge of observability data.
In this demo of WasmEdge, Second State's Michael Yuan shows how to create a lightweight execution environment for the operation of large language models.
It was almost a year ago when ChatGPT brought generative AI to the masses. Here are 5 key observations that will determine the direction cybersecurity takes this next year.
Real-time app monitoring is about fundamentally shifting your mindset toward a culture of accountability and continuous improvement.
Thinking of downloading a pirated copy of that software? Think again. A new backdoor malware has been discovered in pirated macOS apps.
Cyber threats are on the rise! Learn how ransomware attacks and vulnerabilities like ProxyLogon are causing data loss in Exchange Servers
The number of CVEs is a good indicator of the threat landscape. Learn how a time series approach (SARIMAX model) can be used to predict 2024 CVE counts.
Port knocking works by closing off all ports and only opening them 'on demand,' according to a pre-determined sequence of pings.
Malicious "oscompatible" package on npm deployed a sophisticated trojan on Windows machines. Keep your software up-to-date.
A critical flaw (CVE-2023-35082) in Ivanti EPMM is being exploited in the wild, giving attackers access to your data.
Today's applications collect a lot of data from customers. The data often includes personally identifiable information (PII), that must be protected in compliance with data privacy laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Modern business applications require fast and reliable access to customer data, and Amazon […]
This post demonstrates using AWS CloudFormation StackSets to deploy CloudFormation Hooks from a centralized delegated administrator account to all accounts within an Organization Unit(OU). It provides step-by-step guidance to deploy controls at scale to your AWS Organization as Hooks using StackSets. By following this post, you will learn how to deploy a hook to hundreds […]
For decades, we've watched energy companies attempt to bring off-the-shelf information technology (IT) systems into operations technology (OT) environments. These attempts have had varying degrees of success. While converging OT and IT brings new efficiencies, it also brings new risks. There are many moving parts to convergence, and there are several questions that you must […]
We are proud to announce the DevOps Dozen² 2023 honorees, celebrating the greatest leaders and innovators in the DevOps space.
A new attack targets Docker servers and uses a combo of cryptocurrency mining and website traffic generation for profit.
Personalized Service Health now alerts on emerging incidents, providing speedy, personalized notification of incidents to impacted customers.
New Cloud Monitoring metrics in BigQuery let you combine billing data with resource utilization metrics, to perform detailed analyses in BigQuery.
Steps to Building Terragrunt Orchestrator, ChatGPT by Azure Terraformer, Managing AWS Security Groups
Member post originally published on Nirmata's blog by Jim Bugwadia Do policies that mutate or generate resources violate GitOps principles? In this blog post, I will show you how policy-based resource…
By Christophe Sauthier, Cloud Native Training and Certification Lead, CNCF A recent CNCF micro-survey focused on training and certification revealed that the vast majority of IT professionals are…
AWS Network Manager is a great tool that lets you monitor changes in your network and create automations. In this post, we cover how to leverage events in Network Manager to get notified about network changes and how to use AWS Serverless technologies to enrich the information provided by these events. Let's start with a simple question: What is Network […]
Introduction This blog post is for customers who want to implement automated tagging controls and strategy for cost allocation. Customers want to centralize and maintain consistency for tags across AWS Organizations so they are available outside their AWS environment (e.g. in build scripts, etc.) or enforce centralized conditional tagging on existing and new AWS resources […]
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ev
A Vulnerability Disclosure Program/Responsible Disclosure Program is a publicly accessible framework for responding to cybersecurity threats.
Cisco's acquisition of Isovalent means Cisco gets Cilium, which leverages eBPF (Extended Berkeley Packet Filter) for kernel-level networking and security.
Hybrid clouds cater to the strategic shift toward more agile, responsive and cost-effective IT operations.
Vulnerabilities found in TensorFlow CI/CD pipeline allow malware upload and token theft.
Experts offer insight into the trends, transformations and breakthroughs that will redefine the DevOps landscape in 2024.
MFA spamming attacks! Hackers are now targeting users with overwhelming MFA prompts, risking security.
With threats continuously evolving and appearing, you must be prepared to respond quickly to a business email compromise attack.
Multiple vulnerabilities, known as PixieFail, have been discovered in widely used UEFI firmware, putting modern computers at risk.
"Mind Sandstorm," an Iranian cyber espionage group, has targeted experts in Middle Eastern affairs across several countries.
The Bulikula and Halaihai subsea cables will connect Guam with Fiji and French Polynesia to increase central Pacific connectivity.
Introduction Scaling Kubernetes networking is key to addressing the growth of services and future-proofing infrastructure as the digital landscape continues to evolve. The need for a unique IP address per pod intersects with the challenges of limited IPv4 address space. The finite pool of available IPv4 addresses often forces Kubernetes cluster administrators to use alternatives […]
Introduction In Part 1 of this blog series we covered the foundation of Amazon Elastic Kubernetes Service (Amazon EKS) IPv6 clusters and the deep integration into the underlying Amazon Virtual Private Cloud (Amazon VPC) dual-stack IP mode. As customers evaluate their migration strategies to IPv6 to harness the benefits of scale and simplicity, they need […]
Introduction So far, in Part 1 and Part 2 of this blog series we covered the foundational aspects of Amazon Elastic Kubernetes Service (Amazon EKS) IPv6 clusters and highlighted key patterns for implementing IPv6 to future-proof your networks. Besides configuring your IPv6 Amazon EKS clusters, migration to the world of IPv6 involves careful infrastructure planning […]
In this guide, we will look at Prometheus architecture in detail. Prometheus is an open-source monitoring and alerting
Cloud migrations and modernization are a lengthy, intricate, and continually evolving processes. Despite this, McKinsey studies indicate that customers are increasing cloud budgets and the number of applications that they plan to migrate. One of the primary complexities of migration and modernization projects are that collaboration with stakeholders can be cumbersome, relying on random ad-hoc […]
Based on Backstage, Red Hat Developer Hub, an Internal Developer Platform, provides a suite of tools and features to streamline and enhance the development process.
The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as "Internet Swiping" and "Million Dollar Criminal" earning millions of views, Punchmade has…
Swimm has added a chat tool that enables developers to use natural language to surface insights into code.
Personalized Service Health provides visibility into incidents relevant to your environment, allowing you to evaluate their impact and track updates.
Prompt engineering became a thing in 2023 and will stop being a thing in 2024. Don MacVittie explains why.
By Chris Aniszczyk We have been tracking open source project velocity over the last several years and wanted to share the latest update highlighting open source project velocity over the last 12…
Member post originally published on Medium by Greptime WebAssembly is a new instruction format that offers cross-platform compatibility and execution speeds close to native machine code.
Discover key takeaways from 'What Got You Here Won't Get You There' by Marshall Goldsmith, and how they apply to cybersecurity.
The new API is aimed squarely at JavaScript and Python developers building vector-first RAG/LLM generative AI applications.
Amazon CSO Stephen Schmidt AWS re:Invent drew 52,000 attendees from across the globe to Las Vegas, Nevada, November 27 to December 1, 2023. Now in its 12th year, the conference featured 5 keynotes, 17 innovation talks, and over 2,250 sessions and hands-on labs offering immersive learning and networking opportunities. With dozens of service and feature […]
Popular PAX PoS systems used in countless stores worldwide are vulnerable to crippling attacks.
Wing Security now offers unparalleled control over AI and AI-powered SaaS applications, safeguarding your company's valuable IP and data.
Explore how to keep your Software-as-a-Service (SaaS) applications in compliance with relevant regulations and standards.
CISA & FBI warn of a growing AndroxGh0st botnet targeting AWS, Microsoft Office 365, SendGrid, and Twilio credentials.
During the SOC 2 audit process, the auditor might identify gaps or control exceptions, but their role encompasses much more than that.
Discover how a simple 'Shutdown.log' file on your iPhone could be the key to identifying the presence of notorious spyware.
Hackers can scale from basic user to network kingpin. Learn their secret weapon & how to stop them in "Art of Privilege Escalation."
A high-severity bug (CVE-2024-0200) could've allowed attackers to access credentials in production containers on GitHub.
Citrix Patches Critical RCE Vulnerabilities (CVE-2023-6548, CVE-2023-6549) Exploited in Wild.
Chrome Zero-Day Alert! Update NOW to patch a critical flaw exploited by hackers. This memory leak bug lets attackers steal your secrets.
In part 1, we discussed how to use Amazon SageMaker Studio to analyze time-series data in Amazon Security Lake to identify critical areas and prioritize efforts to help increase your security posture. Security Lake provides additional visibility into your environment by consolidating and normalizing security data from both AWS and non-AWS sources. Security teams can […]
Moving forward, the plan is for OpenTofu to maintain compatibility with Terraform while introducing significant new features.
We are launching three new modules for AWS Supply Chain today. These modules are designed to help you collaborate with your suppliers across all tiers of your supply chain, with the goal of helping you to maintain optimum inventory levels at each site in the chain. Here's an overview: Supply Planning – This module helps […]
Improve your SRE practices with Duet AI assistive development, logs analysis and infrastructure advice.
Community post originally published on DEV.to by Sunny Bhambhani In this article we will be talking about i.e. how to get multiple helm charts installed using helmfile. If you haven't read the…
Delve into the benefits of CSA's Certificate of Competence in Zero Trust (CCZT), a comprehensive cloud security course and certificate.
This post is written by Anna Spysz, Frontend Engineer, AWS Application Composer AWS Application Composer launched in the AWS Management Console one year ago, and has now expanded to the VS Code IDE as part of the AWS Toolkit. This includes access to a generative AI partner that helps you write infrastructure as code (IaC) […]
Over 178,000 SonicWall firewalls are vulnerable to security flaws. These flaws could lead to denial-of-service (DoS) conditions and RCE attacks
The top 5 high profile non-human access attacks in 2023 and what we can learn from them.
Multi-cloud environments involve businesses using services from multiple cloud providers to meet diverse operational needs.
reaking News: Remcos RAT, a stealthy remote access trojan, is now spreading in South Korea disguised as adult-themed games via webhards
The dynamic nature of data analytics workloads, coupled with data transfer expenses between multiple clouds, contributes to complexity.
AMBERSQUID tactically exploits less-known AWS services (Amplify, Fargate, SageMaker), costing victims $10,000+/day.
Moving forward, the plan is for OpenTofu to maintain compatibility with Terraform while introducing significant new features.
Did you know a simple cookie misconfiguration can cost millions in fines? See how a major retailer's overlooked issue nearly led to a privacy disaster
Over 137,000 people lost crypto to Inferno Drainer, a malware-as-a-service scam operating for a year.
Cybercriminals are weaponizing the CVE-2023-36025 Windows vulnerability to deploy Phemedrone Stealer, an open-source information stealer
Introduction On October 4, 2023, Amazon Elastic Kubernetes Service (Amazon EKS) announced the public preview of extended support for Kubernetes versions, which gives you an additional 12 months of support for Kubernetes minor versions. Today, we are announcing the pricing for extended support. Amazon EKS clusters running on a Kubernetes version in the extended support […]
If you run Windows workloads on Amazon Elastic Compute Cloud (Amazon EC2), monitoring the health and performance of your Windows Services is essential for reliable systems administration. It's not just about ensuring uptime; it's about having a pulse on your system's health and performance. With a variety of services operating in the background, each playing […]
Project post by Wenbo Qi of Dragonfly Git LFS (Large File Storage) is an open-source extension for Git that enables users to handle large files more efficiently in Git repositories. Git is a version…
We are in January, the start of a new year, and I imagine many of you have made a new year resolution to learn something new. If you want to learn something new and get a free Amazon Web Services (AWS) Learning Badge, check out the new Events and Workflows Learning Path. This learning path […]
Critical security flaw found in Opera Browsers. MyFlow sync feature lets attackers take over your Windows and macOS systems.
2023 witnessed a shocking 55.5% increase in ransomware victims! Over 4,368 cases reported globally. Stay ahead in the cybersecurity game.
This skills gap prevents companies from leveraging the power of quantum computing and also leads to expensive competition for talent.
Looking for a great new DevOps job? Check out these available opportunities at Booz Allen Hamilton, Pozent and more!
Over 7,100 WordPress sites have been hit by the 'Balada Injector' malware, which exploits sites using a vulnerable version of the Popup Builder plugin
Bosch's smart devices have high-severity vulnerabilities, posing a risk to your thermostat and smart nutrunners
Environmental services face an unprecedented 61,839% surge in cyber attacks! Discover why this industry is the new hotspot for hackers.
Posts and tools on alert fatigue, scaling infrastructure management, developer portals, OpenTelemetry and package managers this week. Enjoy.
Surprise twist in Denmark cyber attacks - Not the work of Russia's Sandworm. New evidence shifts the narrative. Discover more
Juniper Networks addresses a major 9.8-rated RCE vulnerability in SRX Series firewalls & EX Series switches.
29-year-old Ukrainian arrested for a major cryptojacking scheme, netting over $2M in profits.
Many organizations generate large quantities of data locally, including digital imagery, sensor data, and more. Customers require local compute and storage to ingest and enable real-time predications based on their data, and often preprocess this data locally before transferring to the cloud to unlock additional business value such analysis, reporting, and archiving. Automating transfers to […]
This post is an extension of our Container Image Signing blog series. In our first post, we discussed the motivations and fundamental concepts behind cryptographic signing for containers. Introduction Organizations today are adding additional security measures to their software development lifecycles (SDLC) due to compliance, governance, or executive requirements. For containerized applications, one such security […]
Introduction The AWS Load Balancer Controller is a Kubernetes Special Interest Group (SIG) project, which enables organizations reduce their Kubernetes compute costs and the complexity of their application routing configuration. As you deploy workloads on Amazon Elastic Kubernetes Service (Amazon EKS), the controller simplifies exposing those applications by automating the provisioning and management and configuration […]
Introduction Apache Kafka, a distributed streaming platform, has become a popular choice for building real-time data pipelines, streaming applications, and event-driven architectures. It is horizontally scalable, fault-tolerant, and performant. However, managing and scaling Kafka clusters can be challenging and often time-consuming. This is where Kubernetes, an open-source platform for automating deployment, scaling, and management of […]
This blog post was co-written by William Ho, Software Engineer, Airtable. Introduction Airtable is a connected applications platform that lets teams and enterprises build flexible interfaces and compose automations on top of their key data. Airtable provides so much flexibility that customers use Airtable for the most critical workflows across their organization. Today, half of […]
In this demo, Slim.ai's Ian Riopel shows how the platform, now in beta, offers users a shared workspace for coordinating vulnerability fixes with software vendors.
Disaster recovery (DR) and business continuity planning (BCP) are critical activities for any organization. During DR operations, after workloads are restored in the DR site, there are a series of steps and activities, such as application configurations and validations, that must be properly orchestrated and coordinated among many teams and functions in order to ensure […]
When troubleshooting distributed applications, you can use Cloud Trace and Cloud Logging together to perform root cause analysis.
Data, the lifeblood of any modern organization, is rarely static. For high-performance applications and workloads, enterprises need the ability to run operations on massive amounts of data, including modifying the data as is necessary for each use case, to further accelerate processing. This could include modifying uploaded images with a watermark, changing the bitrate of […]
Community post by Caleb Woodbine ([email protected]) (ii.nz) The Kubernetes conformance project by CNCF ensures consistency in Kubernetes' stable APIs and core functionalities across…
Member post originally published on InfraCloud's blog by Joy Bhattacherjee On a usual Friday evening, Robin had just wrapped up their work, wished their colleagues a happy weekend…
Nation-state hackers weaponizing Ivanti Connect Secure VPN zero-days to deploy five malware families in a targeted cyber espionage campaign.
Medusa ransomware is on the rise. With a new data leak site on the dark web, they're pressuring victims by publishing sensitive data.
AI and quantum computing are the two hot-button issues most poised to transform cybersecurity strategies in 2024. Here's what else is in store.
Many organizations are opting to run MongoDB in the AWS cloud to gain improved scalability and reliability for their MongoDB deployment.
GitLab patches critical vulnerabilities! CVE-2023-7028 scores a perfect 10 on severity.
As organizations embrace digital transformation, the need for robust, scalable and cost-effective observability solutions becomes paramount.
Cybersecurity's harsh reality: Only 59% of attacks are prevented. Is your defense ready for the real test?" Discover how BAS can change the game.
Securing high-value cloud permissions should be the priority after perimeter defense. If attackers are getting in, a plan is needed for when they're in.
New cyberattack targets Apache Hadoop & Flink using misconfigurations to deploy crypto miners
CISA warns of a critical flaw in Microsoft SharePoint Server! CVE-2023-29357 poses a serious risk with a 9.8 CVSS score.
Today we are announcing that Amazon Elastic Container Service (Amazon ECS) supports an integration with Amazon Elastic Block Store (Amazon EBS), making it easier to run a wider range of data processing workloads. You can provision Amazon EBS storage for your ECS tasks running on AWS Fargate and Amazon Elastic Compute Cloud (Amazon EC2) without […]
Poor team performance doesn't reflect well on any team member. Here's how to find out what's wrong and work on resolving the issues.
With Amazon Cognito, you can implement customer identity and access management (CIAM) into your web and mobile applications. You can add user authentication and access control to your applications in minutes. In this post, I introduce you to the new access token customization feature for Amazon Cognito user pools and show you how to use […]
Harness acquired the assets of Armory, a CD platform based on Spinnaker and a cloud service based on a proprietary platform.
When managing a large volume of data in a storage system, it is common for data duplication to happen. Data duplication in data management refers to the presence of multiple copies of the same data within your system, leading to additional storage usage as well as extra overhead when handling multiple copies of the same […]
A career in platform engineering means becoming part of a product team focused on delivering software, tools, and services.
TAG post originally published on Cloud Native sustainability's blog by Joe Kutner Container builds can be very wasteful. Every operating system update, new dependency version…
Cybercriminals are increasingly using GitHub for malicious activities like payload delivery and command-and-control operations.
The definitions of 10 different types of cyber attacks that you should know about, including clickjacking, DDoS, phishing, and ransomware.
Customers discontinuing their use of Google Cloud can move their data without incurring any network data transfer fees.
Humboldt will be the first subsea cable route to link South America with Asia-Pacific.
New Python-based hacking tool FBot targets web servers & cloud services like AWS & Microsoft 365.
Researchers expose critical flaw in Apache OFBiz, CVE-2023-51467, enabling stealthy memory-resident attacks
The shift to cloud has exposed organizations to new SaaS security challenges. Traditional security is no longer sufficient. We need Zero Trust.
If used to aggregate various data sources and APIs into a unified graph, GraphQL could become 'one schema to rule them all' for enterprises.
Atomic Stealer malware for macOS gets a scary upgrade! Now evading detection with advanced encryption.
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop
Internal users can exploit known vulnerabilities. Therefore, methods that mitigate targeted intrusion are also applicable to insider threats.
Ivanti Connect Secure hit by two zero-day flaws, exploited by suspected China-linked hackers to breach under 10 customers.
Mandiant's X account hacked! A brute-force attack by a DaaS group exploited a 2FA policy gap.
Cisco patches a serious flaw in Unity Connection (CVE-2024-20272, CVSS 7.3). Don't let attackers compromise your system
Business continuity and disaster recovery plans include having a backup strategy for application workloads, whether on-premises or in Cloud. Furthermore, organizations need efficient methods to actively monitor their data protection posture and detect any failure for remediation while meeting the required recovery time objective (RTO) and recovery point objective (RPO) for the business. One efficient […]
This post was co-authored with Nicolas Fournier, Platform Engineer at Unitary. Every day, over 80 years' worth of video content is uploaded online. Some of this content can also be harmful. Unitary knows that human moderators are the current gold standard for moderation, but this manual approach does not scale. While automated systems can scale, […]
A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized…
In this blog post, we delve into using Amazon Web Services (AWS) data protection services such as Amazon Secrets Manager, AWS Key Management Service (AWS KMS), and AWS Certificate Manager (ACM) to help fortify both the security of the pipeline and security in the pipeline. We explore how these services contribute to the overall security […]
In this guest blog post, Nauman Noor (Managing Director), Fabio Dias (Cloud Developer), and Dylan Alibay (Cloud Developer) from the platform engineering team at State Street discuss their use of Amazon Managed Prometheus and AWS Distro for OpenTelemetry to enable monitoring in a multi-tenant, multi-account, and multi-region environment. In the ever-evolving financial services landscape, State […]
When developing a disaster recovery strategy, it is important to manage synchronizing the network configuration between your primary and recovery site, including, but not limited to, things like your access control lists (ACLs) and internet gateways. In many cases, a configuration change in your primary site should be applied to your recovery site. Managing these […]
HPE eyes a networking future with AI and its GreenLake platform at the core with its proposed $14 billion acquisition of Juniper Networks.
Investment in security-aware developers and collaboration between them and AppSec teams should be a driving force in 2024.
With all the hype around AI/ML in observability, it's more likely than ever that companies benefit from storing and viewing data in one system and training ML models in another.
New custom target types in Cloud Deploy let you perform deployments to non-container-based runtimes.
LambdaTest, a leading omnichannel test orchestration and execution cloud platform was looking to scale their multi-Region and hybrid networks. LambdaTest's existing hybrid global network used AWS Site-to-Site VPN to connect their locations and Amazon Virtual Private Clouds (VPCs) across multiple AWS Regions. LambdaTest is growing rapidly, helping over 2 million developers run over 500 million […]
This post was co-authored by James Fogel, Staff Software Engineer on the Cloud Architecture Team at Pinterest Part 1: Design process for Amazon EKS networking at scale Introduction Pinterest is a platform that helps inspire people to live a life they love. Big data and machine learning (ML) are core to Pinterest's platform and product, […]
This post was co-authored by James Fogel, Staff Software Engineer on the Cloud Architecture Team at Pinterest Part 2: Spark on EKS network design at scale Introduction In this two-part series, my counterpart, James Fogel (Staff Cloud Architect at Pinterest), and I share Pinterest's journey designing and implementing their networking topology for running large-scale Spark […]
Cedar is an open-source language that you can use to authorize policies and make authorization decisions based on those policies. AWS security services including AWS Verified Access and Amazon Verified Permissions use Cedar to define policies. Cedar supports schema declaration for the structure of entity types in those policies and policy validation with that schema. […]
Member post originally published on Elastisys's blog by Lars Larsson This article is all about demystifying container platforms and showing what value they bring on several levels: business…
Deploying LLM Apps to AWS, Creating EKS Cluster with CDKTF, "Hello World" Lambda with Rust
NoaBot, a Mirai-based botnet, is targeting SSH servers for crypto mining since early 2023
Amazon Web Services (AWS) customers can use the AWS global infrastructure to deploy workloads to multiple AWS Regions. They can create global networks that span multiple AWS Regions to connect these workloads to each other and to on-premises networks. A common design pattern is to use a central networking AWS account to own shared network resources, such as AWS Transit […]
Is your organization protected against third parties misusing data and putting you at risk?
Don MacVittie starts the year with advice about understanding the difference between what you can and cannot change.
Tackling the ever-expanding enterprise attack surface is a daunting task for IT pros. From servers to apps, the challenge is real.
Effectively responding to an increasingly high volume of sophisticated cyber attacks can be uniquely challenging.
Researchers have released decryptors for both the Tortilla variant of Babuk ransomware and Black Basta ransomware
FTC bans Outlogic from selling sensitive location data! A landmark move for digital privacy.
Microsoft's latest update tackles a whopping 48 security vulnerabilities! Stay protected with their January 2024 Patch Tuesday fixes
CISA adds six new flaws to its KEV catalog, highlighting urgent need for network security upgrades!
Amazon Web Services (AWS) is named as a Leader in the 2023 ISG Provider Lens Quadrant Report for Multi Public Cloud Services – Sovereign Cloud Infrastructure Services (EU), published on January 8, 2024. This first-ever Information Services Group (ISG) report evaluates providers of sovereign cloud infrastructure services in the multi public cloud environment and examines […]
AWS Certificate Manager (ACM) is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Amazon Web Services (AWS) and your internal connected resources. Today, we're announcing that ACM will be discontinuing the use of WHOIS lookup for validating domain ownership when you request email-validated […]
A Broadcom survey found islands of automation that operate independently can cause organizations to fail to meet SLAs.
In November 2022, Amazon Web Services (AWS) announced the launch of Amazon CloudFront continuous deployment, extending the functionality of your existing CloudFront distributions by allowing you to test and validate configuration changes to a percentage of live traffic before extending to your wider audience. Previously, customers had to do the heavy lifting of changing DNS […]
Though there were only a handful of changes in NIST SP 800-171 R3, there were some significant ones regarding assessment practices.
Organizations need SaaS app security tooling that can detect and respond to OAuth token grants that suggest unusual suspicious activity.
Leaders in every sector of society, including business, education, and government, should be thinking about the changes that are happening now, and how best to position their organizations for the future.
In this post, we show you how to apply attribute-based access control (ABAC) while you store and manage your Amazon Elastic Kubernetes Services (Amazon EKS) workload secrets in AWS Secrets Manager, and then retrieve them by integrating Secrets Manager with Amazon EKS using External Secrets Operator to define more fine-grained and dynamic AWS Identity and […]
Unlock significant savings with GKE discounts in Kubernetes with cost management strategies such as Spot VMs and Committed Use Discounts (CUD).
A new solution template helps you get started with Jupyterhub on GKE, providing a pre-configured GKE cluster, Jupyterhub config, and custom features.
Community post by Christophe Sauthier, Flavien Hardy, Ludovic Logiou, Stéphane Este-Gracias, and Guillaume Bernard The Cloud Native Glossary is a project led by the CNCF Business Value Subcommittee.
Beware of Water Curupira! This threat actor is spreading PikaBot, more than a malware loader – it's a gateway to ransomware attacks.
After 20 years, the design patterns, principles, and practices in two classic books on Demand Driven Design (DDD) and Enterprise Integration Patterns (EIP) are still very relevant.
Turkish hackers targeting poorly secured MS SQL servers across the U.S., European Union, and Latin America.
Welcome to the 24th edition of the AWS Serverless ICYMI (in case you missed it) quarterly recap. Every quarter, we share all the most recent product launches, feature enhancements, blog posts, webinars, live streams, and other interesting things that you might have missed! In case you missed our last ICYMI, check out what happened last […]
The coming decade will be defined by platform engineering, laying a firm foundation for AI-driven innovation in enterprises.
Nerd/Noir is partnering with DX to help identify areas where organizations can improve developer experience.
Have internal developer portals (IDPs) successfully enhanced productivity without sacrificing developer experience or developer satisfaction?
Collaboration is key in SaaS, but did you know 58% of security incidents involve data leaks? Discover the balance between sharing and security.
Kyocera and QNAP users, beware! High-severity vulnerabilities are lurking. Update now to prevent attacks.
Beware of YouTube videos offering cracked software! They might be a gateway to the Lumma malware, stealing your sensitive information
Learning Kubernetes can seem overwhelming. It's a complex container orchestration system that has a steep learning curve. But
Code coverage is a code quality metric leveraging unit tests. Coming up with test cases with every combination of parameters requires developer's time, which is already scarce. Developers' focus is (mis)directed at just meeting the coverage threshold. In doing so, quality of code may be compromised and resulting code may still result in unexpected outcomes. […]
Happy New Year! Cloud technologies, machine learning, and generative AI have become more accessible, impacting nearly every aspect of our lives. Amazon CTO Dr. Werner Vogels offers four tech predictions for 2024 and beyond: Generative AI becomes culturally aware FemTech finally takes off AI assistants redefine developer productivity Education evolves to match the speed of […]
LinkedIn's new open source software development framework mixes hard data with the importance of the human element.
By embracing a strategic and structured approach to Kubernetes management, organizations can unlock its full potential, transforming it into a key driver for business efficiency and innovation.
Community post from the team at OSTIF OSTIF and the CNCF are proud to announce the completion of a security audit of CubeFS. The project, which provides cloud-native storage across a variety of access…
Ambassador post by Zou Nengren Two months ago, we were thrilled to share insights in the article "Best Practices for Migrating VM Clusters to KubeVirt 1.0." As previously mentioned…
Anonymous Arabic releases Silver RAT, a trojan that slips past security and takes hidden control
A new CSA research paper helps security professionals clearly communicate the business value a Zero Trust strategy can bring.
DevOps professionals have several common hurdles to successful implementation. Here are five technologies that can help.
Looking for a great new DevOps job? Check out these available opportunities at Fox Tech, Caresoft and more!
Why should SecOps, risk management, and strategy work together? Find out how a unified approach can fortify your digital defenses.
Securing containers across the entire software development life cycle is a huge win for cybersecurity teams and DevOps.
Explore how Zero Trust Security can minimize your attack surface and safeguard against sophisticated attacks.
NIST raises an alarm on AI's privacy & security risks. Discover how AI systems like ChatGPT face new threats.
The DoJ cracks down on xDedic Marketplace, charging 19 in a $68M cybercrime saga.
North Korean hackers have stolen over $600M in crypto in 2023! A significant threat to global financial security.
How workload identity on EKS (AWS Kubernetes) works to access cloud resources and how EKS Pod Identity is helpful
In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But…
The first newsletter of the year, with posts on the evolution of DAST, the struggles with adopting automated testing and team topologies, as well as technical posts on the new version of Go, Tekton pipelines and PostgreSQL.
Reporting an outcome's occurrence consistently increases its perceived likelihood and alters the judged relevance of data describing the situation preceding the event. Baruch Fischhoff, Hinds…
A new cyber espionage campaign targets the Netherlands' telecom and IT sectors. The Türkiye-linked Sea Turtle group is behind these politically motiva
A new wave of cyber attacks in Albania, orchestrated by an Iranian group, uses a destructive malware named No-Justice.
A Broadcom survey found well over half of respondents have adopted some form of value stream management (VSM), but most are in early stages.
Member post by Tal Yitzhak, Solution Architect at Lightrun As we bid farewell to a remarkably productive year in 2023, the dedicated members of the Cloud Native Computing Foundation (CNCF) community…
Community post by the TM Forum's WebAssembly Canvas Catalyst team: CSPs: Orange, Vodafone, Etisalat by e&, nbnCo ISVs: SigScale, Wavenet, Comviva CNCF Technology: CNCF wasmCloud…
Cybersecurity experts unveil SpectralBlur, a new macOS backdoor with ties to North Korean malware.
Generative AI risks are high. Knowing how to combat the risks AI tools pose will keep your organization gleaming.
The fast-paced nature of DevOps can leave security teams struggling to keep up. Explore five simple ways to streamline DevOps security.
A Checkmarx report details an 'Everything' package distributed via the NPM registry that cripples any machine used to download it.
(Manual Add) A new npm package named everything would prevent any existing npm package from ever being removed, per npm terms of service.
The 2020s will witness the infusion of GenAI into almost every aspect of computing, both personal and enterprise. But the AI revolution bears some intriguing parallels to the computing world of the 1990s.
Observability agents can consume many resources. To address this, they are or can be monitored themselves to ensure they do not excessively consume resources, thus preventing unnecessary costs.
Ivanti releases updates for a critical remote code execution security flaw in Endpoint Manager.
Discovered a hidden secret in your company's code? Understanding its impact is just the beginning. Find out how to manage these risks effectively.
New Bandook Trojan variant targets Windows users! Disguised in phishing emails as PDFs.
range Spain hit by major internet outage due to cyberattack. Find out how a simple malware breach led to massive service disruption.
Ukraine's cybersecurity team reveals Russian hackers, Sandworm, infiltrated Kyivstar telecom since May 2023.
What would happen if Identity Governance & Administration and Privileged Access Management were integrated? Explore the advantages of such a synergy.
Member post originally published on ARMO's blog by Oshrat Nir, Developer Advocate at ARMO While Kubernetes adoption continues to soar, it has become a prime target for cyberattacks. Unfortunately…
Backstage, Open-source alternatives to Terraform Enterprise/Cloud, EKS, ML
Serverless enables developers to focus on writing code and building applications, while the cloud provider takes care of the underlying infrastructure.
In Part 1 of this series, you learned about Blue/Green testing and deployment on AWS, a key strategy that increases application availability and reduces deployment risk by simplifying the rollback process if a deployment fails. We explored live replication using AWS Application Migration Service (AWS MGN) and introduced prebuilt post-launch actions with AWS Systems Manager […]
Balancing developer freedom and governance controls is a key challenge faced by organizations that are adopting cloud. On one hand, developers need the freedom to innovate and develop new applications and services quickly and on the other, organizations need to maintain control over the resources used and the data processed in order to ensure compliance […]
Customers are becoming more aware of the benefits of migrating to AWS in a world increasingly pivoting towards cloud adoption. A recent whitepaper by IDC found that customers who migrate to AWS can experience a 51% reduction in the cost of operations, a 62% increase in IT staff productivity, and a 94% reduction in downtime. […]
Microsoft leadership unveiled new capabilities in Azure AI Studio that will empower individual developers to create copilots of their own.
This post is written by Alejandro Gil, Solutions Architect and Joseba Echevarría, Solutions Architect. Introduction The purpose of this blog post is to compare video encoding performance between CPUs and Nvidia GPUs to determine the price/performance ratio in different scenarios while highlighting where it would be best to use a GPU. Video encoding plays a […]
Beware of hidden dangers in open-source libraries. Three new malicious PyPI packages found deploying cryptocurrency miners.
Mandiant's Twitter account, a Google Cloud subsidiary, was hacked for over six hours. The attacker promoted a cryptocurrency scam.
Don't miss our tips on using Software Composition Analysis tools to manage dependencies and vulnerabilities effectively.
The threat actor UAC-0050 is using phishing attacks to distribute the Remcos RAT while employing new strategies to avoid detection.
The dust has settled after another re:Invent. I once again had the privilege of organizing the DevOps and Developer Productivity (DOP) track along with Jessie VanderVeen, Anubhav Rao and countless others. For 2022, the DOP track included 59 sessions. If you weren't able to attend, I have compiled a list of the on-demand sessions for […]
As we kick off 2024, I wanted to take a moment to highlight the top posts from 2023. Without further ado, here are the top 10 AWS DevOps blog posts of 2023. Unit Testing AWS Lambda with Python and Mock AWS Services – When building serverless event-driven applications using AWS Lambda, it is best practice to […]
Amazon Web Services (AWS) Verified Access (AVA) is a secure remote access service that eliminates the need for VPNs. AVA reduces management complexity and improves security with real-time evaluations of requests based on factors such as identity and device posture. With Verified Access, you can define access policies written in Cedar using end user context, […]
Traffic Mirroring is an Amazon Virtual Private Cloud (VPC) feature you can use to copy network traffic from an elastic network interface of an Amazon Elastic Compute Cloud (EC2) instance and send it to a target storage service for analysis. You can use it for content inspection, threat monitoring, network performance monitoring, and troubleshooting. Through […]
Two primary remediation approaches can help security teams respond faster: assistive and automatic remediation. Here's how they differ.
In 2024, AI will make cybercrime more sophisticated. Here are some expert opinions on how AI and cybersecurity will change in the coming year.
Administrators may need to monitor and audit actions, like uploads, updates, and deletes, taken on files and other data to comply with regulations or company policies. A scalable and reliable method of tracking and saving actions taken on files can reduce manual work and operational overhead while helping to ensure compliance. An event-based fanout architectures […]
Highly regulated industries, such as finance, healthcare and government, need to exchange business to business files securely. Common protocols like SFTP provide a broadly-supported, standard method for moving files securely across public networks. For some customers, compliance requirements drive a higher bar for their SFTP authentication. To meet more stringent compliance requirements, aside from controlling […]
Ambassador post originally published on Medium by Mathieu Benoit Platform Engineering was a huge theme at KubeCon NA 2023 in Chicago. More than ever before. More and more companies have initiatives to…
Two best practices to better align observability practices with the goal of delivering exceptional user experiences.
With continuous automation, startup aims to eliminate having to manually tune workloads and adjust Kubernetes resource allocation, saving companies money.
(Manual Submission - Added for relevancy) Google is planning a significant restructuring that might lead to layoffs of around 30,000 employees within its ad sales division due to the integration of AI technology.
Reflecting on the past year, we look where developer productivity is headed in 2024, including platform engineering, AI assistance and measuring it all.
Observability has arguably emerged as crucial for navigating the chaos from an explosion in data. Yet the surge in data has created its own chaos.
Building and maintaining a secure, compliant managed file transfer (MFT) solution to securely send and receive files inside and outside of your organization can be challenging. Working with a competent, vigilant, and diligent MFT vendor to help you protect the security of your file transfers can help you address this challenge. In this blog post, […]
In software engineering, selecting a programming language is a pivotal decision for any organization. Here's what you need to know.
What methodology (and metrics) should you use to accurately assess the impact on productivity and value delivery of a tool like GitHub Copilot?
I found myself needing to make a cronjob using AWS Lambda but it turned out to be a bit more complex than I had hoped.
80% of breaches involve compromised identities. Discover how Nudge Security offers practical SaaS security solutions to safeguard your data.
XCast, a VoIP provider, faces a $10 million penalty for facilitating illegal robocalls and deceptive telemarketing campaigns since 2018.
Information-stealing malware is exploiting an undocumented Google OAuth endpoint called MultiLogin to hijack user sessions.
SMTP Smuggling can let cybercriminals send fake emails with forged sender addresses, bypassing security checks.
Generative AI coding tools are changing the way developers accomplish day-to-day development tasks. From generating functions to creating unit tests, these tools have helped customers accelerate software development. Amazon CodeWhisperer is an AI-powered productivity tools for the IDE and command line that helps improve developer productivity by providing code recommendations based on developers' natural language […]
Enterprises are constantly seeking ways to accelerate their journey to the cloud. Infrastructure as code (IaC) is crucial for automating and managing cloud resources efficiently. The AWS Cloud Development Kit (AWS CDK) lets you define your cloud infrastructure as code in your favorite programming language and deploy it using AWS CloudFormation. In this post, we […]
When announcing a new SOC 2 report, don't use the phrase âSOC 2 Certified.â Instead, focus on how it helps the company prioritize security.
Artificial Intelligence for IT Operations (AIOps) is a transformative solution that redefines the way we safeguard networks.
Consider the potential impacts that a malicious SaaS plugin could have on a business. Here are the top five risks.
Customers expect database solutions to be both scalable and equipped with robust recovery mechanisms to address unexpected data disruptions. Unintentional transactions or system failures can impact the business. Recovering to a specific point-in-time with point-in-time-recovery (PITR) is indispensable for some customers with critical workloads or compliance requirements AWS Backup simplifies protecting Amazon Aurora databases with […]
Member post by DatenLord In the previous article on code interpretation, we briefly explained how the CurpServer of Xline is implemented. Now, let's delve deeper into some core data structures in the…
(devops-scanner admin note - Manually added from a suggestion as it seems to be a useful resource) -Hands-on labs. Kubernetes experts. Your own pace.
For another year, at least, AI will continue to grab the headlines. Here are some aspects of AI engineering that might affect developers in 2024.
Understanding and applying these five key microservices design patterns can help you design more scalable, reliable and maintainable applications.
Looking for a great new DevOps job? Check out these available opportunities at VyncaCare, L3Harris and more!
More organizations than ever will need to invest in IT training as advances in AI transform roles and responsibilities in the coming year.
Google settles a $5 billion class-action lawsuit over tracking in 'incognito mode.'
Browsers play a crucial role in the corporate world, but their security is now a top concern. Find out how purpose-built enterprise browsers are the a
Through its new cybersecurity disclosure requirements, the SEC is pushing US companies to focus on cyber risk management.
An in-depth analysis of the SCARLETEEL cyber attack using the MITRE ATT&CK framework.
Shared IT infrastructure resources and pay-as-you-go price models have become common across industries, with the typical use case being the cloud multi-tenant concept. As resources are managed in an increasingly granular fashion, the billing granularity for resources also needs to be carefully considered to achieve the most accurate billing possible. For multi-tenant product vendors, measuring […]
A new malware loader called JinxLoader is being used by threat actors to deliver payloads such as Formbook and XLoader.
Researchers uncover a critical SSH protocol vulnerability, "Terrapin" (CVE-2023-48795), allowing attackers to compromise secure connections.
Security researchers uncover a novel DLL search order hijacking technique that threatens Windows 10 and 11 systems.
For the last day of 2023 I've pulled together a list of the best posts from the last 3 months or so. An interesting set, covering incident management, LLMs, observability, build engineering and more. Here's to a fruitful 2024.
Consistency
- surfingcomplexity.blog - December 31, 2023"Welcome aboard to BigCo!" "Thanks! I'm excited to be here. This is my first tech job, even if it is just an internship." "We're going to start you off wit…
Using the Swedish word "Lagom" as a jumping-off point, this article explains the importance of choosing an SLO that is just right: not too lax and not too strict.
When it comes to managing your code changes in Azure DevOps, there are various scenarios where you might need to abandon a pull request without merging.
The rapid pace of digital transformation is creating huge demands for DevOps skills across industries. This has put the spotlight on credentials like the AWS
Scam-as-a-service are targeting cryptocurrency wallets, draining them of digital assets.
Member post by Abhilash A, Product Marketing at Ozone Today, Platform engineers find themselves at the forefront of transformative changes, steering the ship toward cloud-first and Kubernetes-centric…
SimKube can replay a trace from a Kubernetes production cluster in a simulated or development cluster. Good for troubleshooting, parameter testing.
BumbleBee simplifies the process of building and running distributed eBPF programs, encapsulating them as OCI images and publishes them into an OCI-compliant registry.
Amazon Web Services is pleased to announce that the AWS US East (Ohio) and Europe (Paris) Regions have been recertified through October 2024 by the GSM Association (GSMA) under its Security Accreditation Scheme for Subscription Management (SAS-SM) with scope Data Centre Operations and Management (DCOM). The US East (Ohio) Region first obtained GSMA certification in […]
In this week's #TheLongView: Scrum sucks, sources say; and here comes the Linux 6.5 kernel.
All implementations of mutable state in a geographically distributed system are either slow (require coordination when updating data) or weird (provide weak consistency only). Sebastian Burckhardt,…
KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn't devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I…
Albanian Parliament and telecom company One Albania have both fallen victim to cyber attacks
Ukraine's CERT warns of a new phishing campaign by Russia-linked APT28. They're deploying stealthy malware like MASEPIE and STEELHOOK.
North Korean nation-state actors are using spear-phishing attacks to seize control of computers, deploying tools like AppleSeed and Meterpreter.
Microsoft takes action against malware threat: disables ms-appinstaller protocol handler by default.
Try Amazon EC2 t4g.small instances powered by AWS Graviton2 processors free for up to 750 hours / month until Dec 31st 2024. Refer to the FAQ for additional details.
In 2024, CSA will be focusing on AI safety and assurance, Zero Trust training, and the next version of the CCSK.
Member post originally published on Fairwinds's blog by Andy Suderman Kubernetes rightsizing is the process you use to ensure that your Kubernetes cluster has the right amount of resources to run your…
Community post by Amir Montazery, OSTIF We at OSTIF are excited to announce the 2023 Cloud Native Computing Foundation Audit Impact Report. This is the second year of the program between the two…
Researchers at Ruhr University have found a significant vulnerability that targets the SSH protocol by manipulating the handshake process.
Matt Welsh shares his perspectives about the future of computer science, distributed computing, and if ChatGPT and GitHub Copilot represent the beginning of the end of programming.
Do you need an internal developer platform (IDP) or a developer portal? It depends on who you talk with — and how far along you are in your platform engineering journey.
Introduction At AWS we are constantly striving to improve customer experience. For instance, we launched IAM Roles for Service Accounts (IRSA) in 2019 that allows customers to configure Kubernetes (k8s) applications running on AWS with fine-grained AWS Identity and Access Management (AWS IAM) permissions to access other AWS resources such as Amazon Simple Storage Service […]
Containerization technologies such as Docker and orchestration solutions such as Amazon Elastic Container Service (Amazon ECS) are popular with customers due to their portability and scalability advantages. Container runtime monitoring is essential for customers to monitor the health, performance, and security of containers. AWS services such as Amazon GuardDuty, Amazon Inspector, and AWS Security Hub […]
In this week's #TheLongView: Amazon Prime Video has ditched its use of microservices-cum-serverless, reverting to a traditional, monolithic architecture. It vastly improved the workload's cost and scalability.
Google Cloud addresses medium-severity security flaw! Attackers with Kubernetes cluster access could escalate privileges.
Kaspersky discovers the "most sophisticated attack chain" targeting Apple iOS devices.
Threat actors are using a new malware loader to distribute various information stealers, including Lumma Stealer, Vidar, RecordBreaker, and Rescoms.
Testing with Terraform (Cloud), CI/CD with Amazon CodeCatalyst
CVE-2023-38831 has been spread globally by threat actors including DarkMe, APT40, and SandWorm. Learn how each group has exploited this vulnerability.
Mentorship post originally published on dev.to by Magnim Thibaut Freedisch Batale The Linux Foundation Mentorship Program offers a dynamic three-month internship where participants engage in hands-on…
It can be all too easy to let a subset of your IT organization "handle" resiliency. If resilience is about an ability to adapt and respond to change, then it needs broad buy-in.
Both roles of Aws Solutions Architect and DevOps Engineer are crucial in modern tech environments, with Solutions Architects focusing on designing robust
It's not likely that ChatGPT will replace programmers and developers, but it can help with more mundane tasks and reduce toil.
Chinese threat actors exploited a new zero-day vulnerability in Barracuda's Email Security Gateway (ESG) appliances.
A zero-day security flaw discovered in Apache OfBiz ERP system could allow unauthorized access.
Xamalicious Android backdoor malware disguises itself as legit apps, infecting over 327,000 devices.
Poorly secured Linux SSH servers are under attack! Threat actors are installing tools to guess credentials, co-opt other servers.
CSA's Cloud Infrastructure Security Training Bundle offers 13 courses that serve as a reliable guide in your cloud security journey.
Member post originally published on Katalyst's blog by Pengcheng Tang The resource usage of web applications tends to fluctuate with changes in the number of visitors…
Member post originally published on the Amplication blog by Levi Van Noort Over the last decade, there have been notable shifts in the process of delivering source code. One of the more recent…
Community post originally published on dev.to Sunny Bhambhani Helm is really a very powerful tool for managing objects and is widely adopted across various organizations. It is truly a game changer on…
Provisioning a fleet of servers in 30 minutes is magic, but it is not a requirement that comes up that often for most businesses, David Heinemeier Hansson argues.
Spanish version » We continue to listen to our customers, regulators, and stakeholders to understand their needs regarding audit, assurance, certification, and attestation programs at Amazon Web Services (AWS). We're pleased to announce that the Fall 2023 System and Organization Controls (SOC) 1, SOC 2, and SOC 3 reports are now available in Spanish. These […]
DevOps is far from 'dead'! There's plenty to come in 2024, Techstrong Group's Alan Shimel reports. Stay tuned!
Teams that embrace loose coupling are better equipped to respond to challenges, gain a competitive advantage and adapt to a constantly changing tech landscape.
Carbanak malware is back, and it's using new tactics in ransomware attacks. Learn how it's impersonating business software to infiltrate systems.
Cloud Atlas spear-phishing attacks hit an agro-industrial enterprise and a state-owned research company.
I while back I built a number of pipelines using the docker-build-push action here. This uses buildx and buildkit to do its build/push stuff, and allows if needed for things like multi-arch builds. However what I quickly discovered was that you could not use ECR for the caching part of…
Here are some proposed questions for interviewing someone for an SRE role. Really, these are just conversation starters to get them reflecting and discussing specific incident details. The question…
Two British teens, part of the LAPSUS$ cybercrime gang, sentenced for orchestrating high-profile attacks against companies.
Photo by Matthew Lancaster We know that not all of the services in our system are critical. For example, some of our internal services provide support functions (e.g., observability, analytics), wh…
Long considered the de facto approach to application architecture for cloud native services, microservices is starting to be refactored by cloud giants such as Amazon and Google.
Introduction We have observed a growing adoption of container services among both startups and established companies. This trend is driven by the ease of deploying applications and migrating from on-premises environments to the cloud. One platform of choice for many of our customers is Amazon Elastic Container Service (Amazon ECS). The powerful simplicity of Amazon […]
Introduction Organizations across financial services and other industries have business processes that require executing the same business logic across billions of records for their machine learning and compliance needs. Many organizations rely on internal custom orchestration systems or big data frameworks to coordinate the parallel processing of their business logic across many parallel compute nodes. […]
Organizations undergoing cloud migrations and business transformations often find themselves managing IT operations in hybrid or multicloud environments. This can make it more complex to safeguard workloads, applications, and data, and to securely handle identities and permissions across Amazon Web Services (AWS), hybrid, and multicloud setups. In this post, we show you how to assume […]
AWS Signer is a fully managed code-signing service to help ensure the trust and integrity of your code. It helps you verify that the code comes from a trusted source and that an unauthorized party has not accessed it. AWS Signer manages code signing certificates and public and private keys, which can reduce the overhead […]
They say the best gifts are the ones you can't wrap. That holds true for IT teams, too. So give 'em what they want: A break!
There's some speculation that we're seeing a decline in the open source space. But that's not necessarily true.
At AWS re:Invent 2023, Shira Rubinoff talks with Rob Whiteley about Coder's cloud development environment.
Techstrong Group CEO and Editor-in-Chief Alan Shimel takes a peek in the rearview mirror to revisit 2023 through the lens of DevOps.
All other things being equal, what's more expensive for your business: a fifteen-minute outage or an eight-hour outage? If you had to pick one, which would you pick? Hold that thought. Imagin…
A new phishing campaign is using Microsoft Word docs as bait to deliver Nim-based malware.
Iranian threat actor targets Defense Industrial Base sector with a new backdoor called FalseFont.
Indian government and defense entities under attack! A phishing campaign dubbed "Operation RusticWeb" deploys Rust-based malware for intel gathering
Watch out for WordPress plugin that can create fake administrator users and inject malicious JavaScript code to steal credit card information
Threat actor UAC-0099 continues to target Ukraine with cyberattacks. They exploit a critical WinRAR flaw to deliver the dangerous LONEPAGE malware.
Today we announce the availability of Amazon CloudWatch Network Monitor, a feature of CloudWatch that makes it easy to gain visibility of your hybrid network connectivity with AWS. CloudWatch Network monitor currently supports hybrid monitors for networking built with AWS Direct Connect and AWS Site-to-Site VPN. You can find Amazon CloudWatch Network Monitor in the Amazon CloudWatch […]
2023 showed that no SaaS application is immune from being compromised. Here are 2024 predictions from 5 cybersecurity thought leaders.
Apply the Application & Interface Security domain of the Cloud Controls Matrix (CCM) to Generative AI (GenAI).
How do you effectively protect your containers? Here are three concrete steps needed to build a robust container security strategy.
ityAs you design your Amazon API Gateway applications to rely on mutual certificate authentication (mTLS), you need to consider how your application will verify the revocation status of a client certificate. In your design, you should account for the performance and availability of your verification mechanism to make sure that your application endpoints perform reliably. […]
Have you wondered what are the best practices in safeguarding your infrastructure from unintended release of Elastic IP addresses? In this blog, we are providing a few proactive self-service solutions to streamline IP handling and obtaining a robust environment for critical applications. Before diving into the solution, let us revisit some key concepts of AWS […]
Today, we are announcing that your MySQL 5.7 and PostgreSQL 11 database instances running on Amazon Aurora and Amazon Relational Database Service (Amazon RDS) will be automatically enrolled into Amazon RDS Extended Support starting on February 29, 2024. This will help avoid unplanned downtime and compatibility issues that can arise with automatically upgrading to a […]
For the final newsletter of the year, CISO Phil Venables and Nick Godfrey share a list of the security updates that most interested you in 2023, and present insights from our new Cybersecurity Forecast report for 2024.
Senser is extending the reach of its AIOps platform to include an ability to define and maintain SLAs and SLOs.
The IBM Cost of a Data Breach Report reveals record-high breach costs in 2023, averaging $4.45 million. Discover the financial impact of data breaches
German law enforcement takes down dark web giant "Kingdom Market," specializing in narcotics and malware sales to tens of thousands of users.
Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla
Predator spyware for Android and iOS devices can now survive reboots, with a licensing model that runs into millions of dollars
An evolved version of the Chameleon banking malware can bypass biometric authentication and displays HTML prompts.
New JavaScript malware alert! It's on a mission to steal your online banking credentials. Over 40 financial institutions worldwide are under attack.
Google releases urgent security updates for Chrome! A zero-day vulnerability (CVE-2023-7024) in WebRTC could lead to program crashes or code execution
terraform-docs and Quick Tip regarding AWS SCP whitespaces
Highlighting the importance of managing risks in business relationships with vendors and partners. Focus on safeguarding data flow and security.
Addressing the critical need for comprehensive security in Continuous Integration and Continuous Deployment pipelines. Effective solutions for enhanced pipeline security.
Uncover the dynamic shift in Privileged Access Management through Just-In-Time cloud access. JIT systems revolutionize traditional methods in these 5 ways.
Set up a VPC, handle IP addressing, and complete many other tasks with AI created step-by-step instructions.
Introduction Amazon's Elastic Kubernetes Service (Amazon EKS) removes a lot of the heavy lifting that goes into managing Kubernetes. For example, AWS manages the Kubernetes control plane on your behalf, including patching, tuning, and updating it as necessary. Then there are features such as managed node groups that give you a mechanism for managing the […]
Notifications for critical AWS Support cases are essential to ensure that issues that affect your workloads are addressed quickly. AWS Support sends email notifications automatically when support cases are newly created or updated in your AWS accounts, and they can be viewed in AWS Support Center, or the AWS Managed Services (AMS) console for customers […]
Amazon CloudWatch is a foundational AWS service that provides you with actionable insights into your cloud resources and applications. With Amazon CloudWatch Metrics, you can gain better visibility into your infrastructure and large-scale application performance. You can set up alarms using Amazon CloudWatch Alarms for metrics emitted by AWS services or your applications. Identifying which metrics […]
Many customers rehost their environments to AWS using AWS Application Migration Service (MGN), and have to prepare future-state configuration for every server they are migrating within each migration wave. When a migration wave includes multiple servers, customers have to manually configure multiple EC2 Launch Templates in the AWS console. For each server migrated using AWS […]
Starting today, Amazon Route 53 Resolver supports using the DNS over HTTPS (DoH) protocol for both inbound and outbound Resolver endpoints. As the name suggests, DoH supports HTTP or HTTP/2 over TLS to encrypt the data exchanged for Domain Name System (DNS) resolutions. Using TLS encryption, DoH increases privacy and security by preventing eavesdropping and […]
Today, we are opening a new Region in Canada. AWS Canada West (Calgary), also known as ca-west-1, is the thirty-third AWS Region. It consists of three Availability Zones, for a new total of 105 Availability Zones globally. This second Canadian Region allows you to architect multi-Region infrastructures that meet five nines of availability while keeping […]
Digibee is leveraging AI to make it simpler to migrate to its iPaaS environment by converting code into a JSON format.
Hybrid cloud environments are becoming increasingly pivotal for DevOps teams, and the trend looks to continue in 2024.
The shared responsibility model reminds us that we still have to protect our apps, no matter where they're deployed.
International police operation HAECHI-IV has led to the arrest of 3,500 individuals and $300 million in seizures across 34 countries.
Chinese-speaking threat actors, known as the Smishing Triad, are posing as UAE authorities to gather sensitive information via malicious SMS messages.
A new malware called JaskaGO, based on the Go programming language, has been discovered.
Malicious actors are cloning legit sites to trick you into scams. Memcyco's digital watermark ensures site authenticity, so you can trust the web.
Ransomware groups are stepping up their game with remote encryption attacks. Just one vulnerable device can compromise an entire network.
Business collaboration tools help employees with productivity and communication. But they can also present many cybersecurity risks.
On October 27, 2023, the Office of Management and Budget released a draft memorandum 'Modernizing FedRAMP.' Here are 7 takeaways.
Security teams must be familiar with custom-developed software and commercial off-the-shelf software. Learn how each type is secured.
Despite being sidelined by the Linux Foundation, the open source Tungsten Fabric software-defined networking stack enjoys a thriving user base of cloud providers.
Today, AWS India customers can now securely save their credit or debit cards in their AWS accounts according to the Reserve Bank of India (RBI) guidelines. Customers can use their saved cards to make payments for their AWS invoices. Previously, customers needed to manually enter their card information in the payments console for each payment. […]
Today Google Cloud is launching - at no cost - a secret discovery tool in Sensitive Data Protection that can find and monitor for stored plaintext credentials.
Here are six distinct technology trends that are poised to be particularly influential for DevOps and software development in the new year.
At KubeCon NA 2023, Alan Shimel talks with David DeSanto from GitLab about the potential for generative AI in DevSecOps.
Opsera is leveraging a generative artificial intelligence (AI) model it built to enable DevOps teams to migrate from one platform to another.
As the technology industry prepares for 2024, it's clear that innovation and adaptation will be the keys to success in DevOps.
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released a…
This blog post is written by Jose Guay, Technical Account Manger, Enterprise Support. A typical option to reduce costs associated with running Amazon Elastic Compute Cloud (Amazon EC2) instances is to stop them when they are idle. However, there are scenarios where stopping an idle instance is not practical. For example, instances with development environments […]
This post is written by Dominic Gagné, Senior Software Development Engineer, and Vinodh Kannan Sadayamuthu, Senior Solutions Architect Amazon MQ now supports cross-Region data replication for ActiveMQ brokers. This feature enables you to build regionally resilient messaging applications and makes it easier to set up cross-Region message replication between ActiveMQ brokers in Amazon MQ. This […]
The notorious 8220 Gang is exploiting a high-severity flaw (CVE-2020-14883) in Oracle WebLogic Server to spread malware.
Budgeting for 2024? Don't forget to allocate funds for security awareness training. Discover why it's crucial for your organization.
Russian cybercriminal Mikhail Pavlovich Matveev, indicted by the U.S., led ransomware attacks worldwide, showing a disregard for ethics.
Play ransomware, impacting 300 entities worldwide, employs a double-extortion model by exfiltrating data before encryption.
U.S. Justice Department disrupts the BlackCat ransomware operation and releases a decryption tool
PyPI packages masquerading as network proxy libraries were found to contain malicious code.
Iranian cyber espionage group MuddyWater targets telecom sectors in Egypt, Sudan, and Tanzania using the MuddyC2Go framework.
PikaBot, a dangerous loader, is spreading via malvertising campaigns targeting users searching for legit software like AnyDesk
It’s a common occurrence: You’re sitting at your desk, lost in thought, trying to solve a problem that’s been blocking your work all week...
Follow these best practices for public container images in Docker Hub to reduce security risks to your CI/CD pipeline.
Uncovering the overlooked vulnerabilities in SaaS default settings and user misconfigurations, highlighting the critical need for strengthened security practices in the SaaS ecosystem.
Unveil the truth about SOC 2's role as a reporting and control evaluation framework and the significance of customizing controls to meet business objectives.
Doing business with a recently breached company might be a strategic move. Explore the aftermath of data breaches and their transformative impact on organizations.
Soon, you will be able to adjust the amount of memory or CPU that a container may have on the fly, without restarting. Also, in-tree cloud providers and iptables get the boot.
How to use NetApp Cloud Volumes ONTAP (NetApp CVO) features to improve the performance of EDA workloads running on Google Cloud.
Introduction Since the initial Amazon Elastic Kubernetes Service (Amazon EKS) launch, it has supported AWS Identity and Access Management (AWS IAM) principals as entities that can authenticate against a cluster. This was done to remove the burden—from administrators—of having to maintain a separate identity provider. Using AWS IAM also allows AWS customers to use their […]
Amazon Web Services (AWS) provides a highly reliable, scalable, and low-cost cloud infrastructure platform in many Regions around the world. AWS has designed these Regions to be isolated from each other. This design enables applications to achieve a high level of fault tolerance and stability. Regions are further grouped into partitions such as aws, aws-gov, […]
Navigating Windows Workload Modernization without Active Directory AWS Customers often migrate Windows workloads to AWS using a lift-and-shift or modernization strategy. Modernizing is a popular choice due to the opportunity to use purpose-built cloud services and reduce TCO by lowering operational overhead and licensing costs. While modernizing, customers often need to evaluate whether they still […]
My memories of Amazon Web Services (AWS) re:Invent 2023 are still fresh even when I'm currently wrapping up my activities in Jakarta after participating in AWS Community Day Indonesia. It was a great experience, from delivering chalk talks and having thoughtful discussions with AWS service teams, to meeting with AWS Heroes, AWS Community Builders, and […]
Check out these examples of how Google's Sovereign Cloud solutions have helped accelerate the adoption of breakthrough technologies like generative AI and data analytics.
Looking for a great new DevOps job? Check out these available opportunities at Northrop Grumman, Raytheon and more!
Alan Shimel talks with Alex Burkhardt about Observe, Inc. and the company's mission to elevate observability.
Alan Shimel talks with Mezmo's Tucker Callaway about observability, data management and the challenges of too much telemetry data.
Massdriver announced tools for tracking cloud costs and generating a cloud IBOM to IDPs to streamline platform engineering workflows.
Sonar has added a secrets detection capability to its portfolio of tools for analyzing code and DevOps workflows.
The rapid changes in technology, work patterns and demographics are ushering in a new era for the labor market known as the future workforce.
Attackers could achieve remote code execution on Outlook without any user interaction. Learn how these zero-click exploits were discovered and patched
CISA Warns: Default passwords on internet-exposed systems are a ticking time bomb.
Four U.S. nationals charged in $80 million cryptocurrency investment scam. 🚔 If convicted, they could face 20 years in prison.
QakBot malware returns, using sneaky phishing emails masquerading as IRS employees.
Rhadamanthys, a versatile info-stealer, introduces a plugin system, making it more customizable. Cybercriminals can now tailor it to their needs.
2024 brings new SaaS security challenges. Stay ahead of the curve with insights on democratization, ITDR, and compliance.
LCNC apps and RPA can leave your business exposed to security risks similar to traditional development.
Hear from a CCZT Developer about why CSA's Zero Trust certificate program is considered a disruptive extension to other cybersecurity certificates.
Explore some of the offensive capabilities that Extended Berkeley Packet Filter (eBPF) provides to an attacker and how to defend against them.
Visibility and analytics is a cross-cutting capability for Zero Trust. It's achieved with logging and monitoring.
Faced with increasing amounts of data and a tightening economic climate, enterprises are looking to save money on their storage costs by moving rarely needed data to archival storage options. The least costly options require your internal systems to support receiving data back in hours or days, often called asynchronous retrievals. With this time delay, […]
Posts this week on developer portals and naming OpenTelemetry attributes, as well as several posts on people and teams, covering the role of engineering managers and devops in 2024.
Here are some excerpts from an incident story told by John Allspaw about his time at Etsy (circa 2012), titled Learning Effectively From Incidents: The Messy Details. In this story, the site goes d…
A security incident at MongoDB has led to unauthorized access to corporate systems, compromising customer account info.
A great overview of SLIs, covering event-based vs time-based SLIs, commonly used SLIs, and examples of things that don't make good SLIs.
The Problem: So I tend to get up very early in the morning, maybe 4-5am most days. 'Sleeping In' for me is ~6am or later, and that rarely happens. Lately, instead of adding more blog content, I've been working on a new site to attach to ShavingTheYak. Its an automated…
China's MIIT unveils a color-coded system to tackle data security incidents.
Microsoft warns of the growing threat from "Storm-0539," an emerging group orchestrating gift card fraud via sophisticated email and SMS phishing atta
'This strategic decision … is essential for realigning our resources to better serve our business objectives with our internal Conductor fork,' Netflix said.
Internal developer portals (IDPs) are becoming increasingly popular as organizations strive to improve their developer experience
GDCV (vSphere) version 1.16 supports SPBM, enabling customers to leverage a consistent way to declare datastore clusters and deploy workloads.
Introduction Intra-VPC Communication enables network communication between subnets in the same Amazon Virtual Private Cloud (Amazon VPC) across multiple physical AWS Outposts using the Outposts local gateways (LGW) via direct VPC routing. With this feature, you can leverage a single Amazon VPC architecture for communication between applications and services running on disparate AWS Outposts. You […]
AWS Security Profile series, I interview some of the humans who work in AWS Security and help keep our customers safe and secure. In this profile, I interviewed Arynn Crow, senior manager for AWS User AuthN in AWS Identity. How long have you been at AWS, and what do you do in your current role? […]
Amazon GuardDuty is a threat detection service that continuously monitors your Amazon Web Services (AWS) accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation. GuardDuty Malware Protection helps detect the presence of malware by performing agentless scans of the Amazon Elastic Block Store (Amazon EBS) volumes that are attached to […]
Today, customers operate tens, hundreds, or even thousands of applications arranged in complex distributed systems composed of many interdependent services. These applications need to be continuously available and performant to maintain end-user satisfaction and business growth. Amazon CloudWatch Application Signals (now in Preview) makes it easy to automatically instrument and operate applications on AWS to […]
To help prepare you for 2024's security landscape, the final installment of this year's Google Cloud Security Talks is coming to you on Dec. 19.
The ScienceLogic SL1 platform incorporates predictive and generative AI tech the company gained with the acquisition of Zebrium in 2022.
Jenkins, the venerable automation server used by many DevOps teams, is adapting to the changing landscape of software development.
Web applications are everywhere in our digital lives, but they're also prime targets for attackers. Learn about the most common vulnerabilities and ho
Crypto hardware wallet maker Ledger faces a major software breach, resulting in the theft of $600,000+ worth of virtual assets.
Google's "Tracking Protection" will restrict them for 1% of Chrome users in early 2024, with plans for wider adoption later.
A powerful botnet, KV-botnet, is using compromised firewalls and routers to conduct covert data transfers.
A novel malware named NKAbuse has surfaced, utilizing blockchain technology for DDoS attacks.
Multiple security vulnerabilities have been found in the open-source pfSense firewall solution, potentially allowing attackers to execute arbitrary co
In the modern world of cloud computing, Infrastructure as Code (IaC) has become a vital practice for deploying and managing cloud resources. AWS Cloud Development Kit (AWS CDK) is a popular open-source framework that allows developers to define cloud resources using familiar programming languages. A related open source tool called Projen is a powerful project […]
Review the advantages of AI. The industry's stance is shifting from AI being a novel thing to AI being brilliant tech that has massive risks and rewards.
Gigamon provides comments on the initial draft of NIST Special Publication 800-92r1 âCybersecurity Log Management Planning Guide.â
Dive into our expert analysis of the dangerous Remote Code Execution flaw in Splunk. Discover how attackers can exploit this vulnerability and why immediate action is essential.
Learn how to use Media CDN infrastructure with Google Cloud External Application Load Balancer to render streams hosted in multiple clouds.
This combination of AI with Istio's documents is very handy for working out what's what with this popular open source service mesh.
Post co-written by Shahar Azulay, CEO and Co-Founder at GroundCover Introduction The abstraction introduced by Kubernetes allows teams to easily run applications at varying scale without worrying about resource allocation, autoscaling, or self-healing. However, abstraction isn't without cost and adds complexity and difficulty tracking down the root cause of problems that Kubernetes users experience. To […]
Amazon Web Services (AWS) is excited to announce the availability of a new sponsored report from S&P Global Market Intelligence 451 Research, Centralized Trust for Decentralized Uses: Revisiting Private Certificate Authorities. We heard from customers actively seeking centralized management solutions for multi-cloud environments and worked with 451 Research, a technology research solution that provides a […]
Amazon CloudWatch lets customers collect monitoring and operational data in the form of logs, metrics, and events, providing an easy way to monitor and receive notifications regarding their workload health and often integrate directly with other systems, such as JIRA Service Desk and ServiceNow. The CloudWatch alarms feature lets you monitor CloudWatch metrics and receive […]
Artificial intelligence has emerged as the ninth cloud security megatrend. In the latest Cloud CISO Perspectives newsletter, Phil Venables explains why.
CloudBolt's Kyle Campos believes that, going forward, the cost to run an application will become the ultimate performance metric.
By implementing role-based access control (RBAC) in the CI/CD pipeline, DevOps teams can help ensure secure and efficient operations.
Sourcegraph's open source Cody tool leverages generative artificial intelligence (AI) tool to write and fix code.
On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included…
Lambda now supports Python 3.12. This release uses the Amazon Linux 2023 OS, supports Unicode responses, and graceful shutdown for functions with external extensions, and Python 3.12 language features.
Cybersecurity researchers have identified a total of 116 malicious packages on the Python Package Index (PyPI) repository.
Iranian state-sponsored group OilRig deployed three new downloader malware in 2022 to maintain access to Israeli organizations.
Gaza Cyber Gang, a pro-Hamas threat actor, is using an updated backdoor malware called Pierogi++ to target Palestinian entities.
Explore the latest in EU cybersecurity regulations, including the NIS2 Directive, EU Cybersecurity Schemes, and the Cyber Resilience Act.
Take a detailed look at the benefits of CSA STAR Level 2 and how to integrate the framework into your compliance strategy.
CrowdStrike has been investigating a series of cyber attacks that occurred in October 2023, which CrowdStrike attributes to the IMPERIAL KITTEN adversary.
Two talks at KubeCon+CloudNativeCon 2023 showed the range of tools and services in the observability space.
AWS Identity and Access Management (IAM) policies are at the core of access control on AWS. They enable the bundling of permissions, helping to provide effective and modular access control for AWS services. Service control policies (SCPs) complement IAM policies by helping organizations enforce permission guardrails at scale across their AWS accounts. The use of access control […]
Amazon Web Services (AWS) is pleased to announce the successful renewal of the AWS CyberGRX cyber risk assessment report. This third-party validated report helps customers perform effective cloud supplier due diligence on AWS and enhances customers' third-party risk management process. With the increase in adoption of cloud products and services across multiple sectors and industries, AWS has become a critical […]
Duet AI for Developers and Duet AI in Security Operations are now generally available.
Copado expanded a beta program that provides access to generative AI capabilities to teams building apps for the Salesforce SaaS platform.
We propose an approach that unlocks the power of DevOps engineers to own their databases and lets them self-serve deployments.
The majority of software developers have embraced platform engineering to manage DevOps workflows at scale in the last year.
Don MacVittie offers suggestions on what to tackle during this slow, holiday-filled time of year when many folks may not be available.
In an earlier post, we discussed how the hub-and-spoke architecture introduced by Local Zones unlocks more choices than ever for geographies where lower latency access can be introduced. Through workload placement techniques offered by service mesh technology for "east-west traffic", inter-service communication within a customer's Virtual Private Cloud (VPC), customers can make sure that microservice […]
AI with Terraform, Efficient Azure Infrastructure Management with GitLab
Discover the importance of embedding preventive security into the container ecosystem as part of an exposure management strategy.
Learn the risks of privileged accounts, how attackers exploit them, and the role of Privileged Access Management (PAM) in protection.
Enterprises may want to customize their data sets for different requesting applications. For example, if you run an e-commerce website, you may want to mask Personally Identifiable Information (PII) when querying your data for analytics. Although you can create and store multiple customized copies of your data, that can increase your storage cost. You can […]
Unhappy with KubeFed stagnation, an Asian-led group of businesses developed Karmada, an open source multicloud cluster management system that has just won approval from the CNCF.
With the addition of Testcontainers, Docker augments a portfolio of tools for developers to strengthen an "inner-loop" of development before the code is handed over to sluggish CCI systems.
Today, we are excited to introduce the EKS Developers Workshop, a comprehensive and beginner-friendly workshop designed specifically for developers embarking on their Kubernetes and Amazon Elastic Kubernetes Service (Amazon EKS) journey. This new workshop augments the existing EKS Workshop for cluster operators by focusing on developers and the unique tools and processes they utilize in […]
Today we are announcing the general availability to connect and query your existing MySQL and PostgreSQL databases with support for AWS Cloud Development Kit (AWS CDK), a new feature to create a real-time, secure GraphQL API for your relational database within or outside Amazon Web Services (AWS). You can now generate the entire API for […]
One big thing that SRE and observability have in common is that they are both often erroneously equated with monitoring.
Data observability aims to alert you to your data's reliability and health while also delivering the insights required to resolve any issues.
The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known "zero-day" threats…
With 11 high-profile attacks in 13 months and a volatile, ungoverned attack surface, non-human identities are the new perimeter, and 2023 is only the
Hacking incidents in the healthcare sector have surged by more than threefold from 2018 to 2022. It's time for proactive cybersecurity measures.
AppLovin modernized its AdTech platform on Google Cloud G2 VMs powered by NVIDIA L4 Tensor Core GPUs, and running on GKE.
Google Cloud offers a suite of tools that helps organizations understand their carbon footprint and decarbonize their technical architecture.
In this blog, you will learn to create AWS VPC using well structure terraform modules. It is a
Explore the impact of AI on data security with insights from a leading CEO. Learn why defenders need to conduct rigorous data risk assessments.
Learn how cloud native application protection platforms (CNAPPs) work with CSPM to embed best practices across the organization.
Enhance private company resilience and mitigate risks with robust cybersecurity aligned with ESG priorities.
Three new videos showcase Google Cloud's advanced networking capabilities: Cloud Firewall Plus, NCC VPC spoke support, and Network Function Optimizer.
With ransomware a top concern for customers, backups are essential to data recovery and business continuity. Customers want a simple method, preferably in a user console, for enabling immutability for backup vaults holding the encrypted data copy. The write-once, read-many (WORM) model applied to backup data provides immutability to recover from accidental or malicious deletions. […]
For production applications, the Mean-Time-To-Recovery (MTTR) is critical. In line with this, AWS offers Business, Enterprise On-Ramp and Enterprise support plans where AWS customers can benefit from shorter response time for cases related to production and business critical workloads. However, without having an automated way to notify AWS support, creating a case is a manual […]
Introduction In today's digital era, migrating to the cloud is no longer a question of "Why," but rather "When." Beyond infrastructure cost savings, cloud migration offers a multitude of benefits, including enhanced flexibility, agility, and reliability. However, while cloud migration presents a wealth of opportunities, it also comes with the potential for unplanned expenses that […]
Overview Effective operation of cloud applications and services demands a strong focus on monitoring and observability. It's critical for your teams to define, capture, and analyze metrics, ensuring operational visibility and extracting actionable insights from logs. In many companies, technical teams share integrated systems to monitor the services or infrastructure they manage. Shared observability systems […]
Intro Migration involves a crucial step of validating that your applications perform as expected in the cloud, achieved through multiple checks or scripts run on migrated servers. Manual performance of these tasks is complex, time-consuming, and prone to errors, particularly when migrating servers or applications at scale. AWS Application Migration Services (AWS MGN) simplifies this […]
Atlassian's generative AI capabilities are now generally available across its Jira and Confluence suite of tools for managing IT and DevOps workflows.
Looking for a great new DevOps job? Check out these available opportunities at Sony, Fiddler AI, Leidos and more!
A hackathon, when done right, reflects a belief in the symbiotic relationship between humans and AI, where innovation meets practicality.
Speaker 1: This is Techstrong TV. Alan Shimel: Hey, everyone, we're back. We're here in Chicago at KubeKon. We're wrapping up our day two coverage, our
Dude - Dell's been expanding community outreach and becoming more involved in the cloud-native community. Alan Shimel talks with Brad Maltz about the shift.
Amazon CodeCatalyst is a modern software development service that empowers teams to deliver software on AWS easily and quickly. Amazon CodeCatalyst provides one place where you can plan, code, and build, test, and deploy your container applications with continuous integration/continuous delivery (CI/CD) tools. In this post, we will walk-through how you can configure Blue/Green and […]
After a disaster, organizations must prioritize relief efforts over data security. However, people are more vulnerable to fraud during times of crisis.
Forward-thinking organizations are moving away from conventional IAM and PAM solutions and migrating towards cloud-native access management solutions.
Posts on observability, large systems evolution, software supply chain security, architecture principles and AWS re:Invent this week.
One of the services that the Amazon cloud provides is called S3, which is a data storage service. Imagine a hypothetical scenario where S3 had a major outage, and Amazon's explanation of the …
Wow, this interactive tool for choosing SLOs is fun to play with! Dragging the sliders really gives you a feel for the math involved, and then you get a formula that you can actually use.
OpenSpeedTest is handy for testing basic LAN network speeds or helping you to troubleshoot to see if your LAN is responding as it should.
Let's recap the week at AWS re:Invent 2023 with a round-up of the AWS Observability launches across Amazon CloudWatch, Amazon Managed Grafana, and Amazon Managed Service for Prometheus. From automatic instrumentation and operation of applications in CloudWatch, to agentless scraping of Prometheus metrics in Managed Service for Prometheus, read on to learn about the features […]
Many factors come into play when considering which parts of your tech stack to modernize within the parameters of your business goals.
Grafana Labs Distinguished Engineer Bryan Boreham detailed at KubeCon how he reduced the memory usage of Prometheus.
If a startup gains traction, it can hire a sales team. In the meantime, it's up to its founder to build sales skills and close the deals.
Introduction In this post, we'll deep dive into the architecture principles we use in Amazon Elastic Container Service (Amazon ECS). We'll outline some of the features that Amazon ECS delivers to make it easy for your application to achieve high availability and resilience. We explore how Amazon ECS is designed to use AWS availability and […]
Introduction Containerization has gained popularity as a method for deploying and managing applications with Kubernetes, which is a leading container orchestration platform. Many customers choose Amazon Elastic Kubernetes Service (Amazon EKS) for its performance, scalability, availability, and integration with other AWS services and security. Enterprises across the industry opt for private container repositories, such as […]
Amazon Web Services (AWS) successfully completed a surveillance audit for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, and Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. Ernst and Young Certify Point auditors conducted the audit and reissued the certificates on Nov 22, 2023. The objective of the audit was to assess […]
Background In a typical 3-tier application architecture, WebLogic is an application server that runs on a middle tier between back-end databases and browser-based clients. WebLogic allows users to develop and deploy an application that has business logic and allows the application to access other services like database, messaging, or other enterprise systems. Many customers still […]
New IAM groups authentication in Cloud SQL simplifies granting/revoking access to database objects at scale.
As the cars on our roads become smarter and more interconnected, the complexity of developing their software systems multiplies.
The flexibility and scalability of open source will allow car-makers to free their imagination and create software-driven cars of the future.
Sauce Labs has added native visual regression testing capabilities to its testing platform to enable DevOps teams to streamline workflows.
How to add a redirect rule to an ALB using just an ingress resource in EKS.
Learn how to use Amazon EKS Blueprints for CDK to simplify integration of common tooling and provisioning of complete, opinionated EKS clusters that meet specific application requirements. This solution is designed to replace the deprecated Amazon EKS Quick Start.
AWS Transit Gateway is a network transit hub that enables you to connect thousands of Amazon Virtual Private Clouds (Amazon VPCs) and your on-premises networks using a single gateway. This simplifies your network connection and puts an end to complex peering relationships. AWS Transit Gateway Flow Logs enables you to export detailed telemetry information, such as source/destination […]
President Biden issued an executive order that trains the full scope of the administration's authority on emerging risks posed by AI technology.
CrowdStrike has seen an increase in cases involving adversaries that abuse identity provider federation to gain access to protected services.
To better assess whether moving off DynamoDB makes sense, we did a detailed comparison across workload conditions, distributions and read:write ratios
AWS App Runner is a fully managed container application service that lets you build, deploy, and run containerized web applications and API services without prior infrastructure or container experience. AWS App Runner abstracts the intricacies of infrastructure, which enables companies such as Wix, Hubble, Cox, and others to accelerate innovation without the need to invest […]
Introduction Customers can run their Windows container-based applications on Amazon Elastic Container Service (Amazon ECS) using AWS Fargate to avoid the undifferentiated heavy lifting of managing servers. A common use case for Windows Containers on AWS is to run web applications hosted using Internet Information Services (IIS). When using common files in a web farm, […]
AWS Identity and Access Management (IAM) roles are a powerful way to manage permissions to resources in the Amazon Web Services (AWS) Cloud. IAM roles are useful when granting permissions to users whose workloads are static. However, for users whose access patterns are more dynamic, relying on roles can add complexity for administrators who are […]
By utilizing tools, implementing processes and continuously monitoring costs, you can save money while still reaping the benefits offered by different cloud providers.
Under an early access program, PagerDuty, Inc. is making available a tool that brings generative AI capabilities to its ITSM platform.
The goal of vulnerability management is to close the gap between discovery and resolution, thereby minimizing the window of opportunity for potential cyberattacks.
For the sixth consecutive year, Google Cloud is a leader in Gartner Strategic Cloud Platform Services Magic Quadrant.
This blog covers the essential steps to secure your Docker images against potential vulnerabilities using Trivy scanner. Trivy
Cybercriminals have set their sights on higher education. This blog details 5 incidents so that schools can understand the threats being aimed at them.
CSA's Advanced Cloud Security Practitioner (ACSP) training shows you how to build an enterprise-scale cloud security program.
Explore the shift from manual to automated remediation with GenAI in cybersecurity. The benefits include quicker remediation and reduced costs.
Google Cloud's Connectivity Tests includes new coverage to help you understand the reachability of your network services.
k0s is highly-flexible Kubernetes, letting you configure and put control planes and workers wherever that makes sense for your use cases.
Now that AI has made advanced automation a fact, it is time to consider implementing the level of testing we always knew we should have.
If 2023 was the year of artificial intelligence (AI), then 2024 is going to be the year of human coexistence with the technology.
More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry has introduced a centralized online service designed to make it easier for researchers, law enforcement…
The new TPU v5p is a core element of AI Hypercomputer, which is tuned, managed, and orchestrated specifically for gen AI training and serving.
Dynamic Workload Scheduler lets you request Compute Engine accelerators in advance, to help ensure capacity allocation for your ML workloads.
Don't overlook a critical area of supply chain security risk: non-human identities and their ungoverned access to core business and engineering environments.
CISOs recognize how attackers use AI for malicious purposes and are investing in AI-native cybersecurity.
For many stateful containerized applications, such as those using Kubernetes orchestration, each stateful pod (the smallest deployable container object) may require dedicated persistent storage. A block storage solution is a good fit due to its high performance, low latency, and persistence attributes. If a compute instance has more compute resources to spare, you can only […]
A series of recent service outages by cloud providers underscores the dangers to organizations and their customers. Planning for operational resilience can help protect against disaster.
Three in four developers use ChatGPT and nearly half use GitHub Copilot, according to a new survey by JetBrains. But very few devs think generative AI will take over all coding tasks.
In this episode of The New Stack Makers, Rob Skillington, of Chronosphere shared what he's learned from building platforms and tools for his colleagues.
The term "digital transformation" describes the implementation of new technologies, talents, and processes to remain competitive in an ever-changing technology landscape. Companies must embrace transformation initiatives to gain benefits such as improving productivity, improving customer experiences and reduce operational costs. A successful transformation journey involves both Migration and Modernization. Modernization is the refactoring of legacy technology by […]
Building advanced AI apps demands the right tools, and the right generative AI tools can elevate your projects significantly.
Generative AI is set to benefit the documentation and transformation of legacy code and potentially create new documentation in parallel with new builds.
AI is already being used in code writing, code review, quality assurance/testing, debugging and design and architecture, according to a recent survey.
An analysis of the security automation practices of 130 organizations published by Synopsys suggests significant progress toward securing software supply chains.
Customers use AWS Network Load Balancer (NLB), Classic Load Balancer (CLB), or Application Load Balancer (ALB) as load balancers or ingress with Amazon Elastic Kubernetes Service (Amazon EKS) clusters. AWS Load Balancer Controller is designed to help manage Elastic Load Balancers for a Kubernetes cluster. It satisfies Kubernetes Ingress resources by provisioning ALBs and Kubernetes […]
K8s brings many advantages to managing fleets of GPUs, said CoreWeave's Peter Salanki, during a talk at KubeCon+CloudNativeCon 2023.
Running the Weights & Biases Launch ML developer platform on GKE can reduce operational overhead and can improve an organization's security posture.
AWS Identity and Access Management (IAM) Access Analyzer offers tools that help you set, verify, and refine permissions. You can use IAM Access Analyzer external access findings to continuously monitor your AWS Organizations organization and Amazon Web Services (AWS) accounts for public and cross-account access to your resources, and verify that only intended external access […]
Introduction In this blog post you will learn how to visualize AWS Health events using Amazon Managed Grafana to gain deeper insights across multiple Health events in a centralized place. When used in conjunction with AWS Health, Grafana can enhance the ability to respond to issues, optimize performance, and ensure the overall Health of the […]
Cloud Armor for Regional External Application Load Balancers can help customers create regionally-scoped Cloud Armor security policies, and is now generally available.
Amazon Virtual Private Cloud (VPC) endpoints – powered by AWS PrivateLink—allow you to securely expose your application to consumers on AWS without using public IP space and without worrying about overlapping private IP space. You also don't have to worry about creating bidirectional network paths using services like AWS Transit Gateway or Amazon VPC Peering.To […]
With the Standard Tier availability SLA, customers should experience no more than ~43 bad minutes - a loss of external connectivity - within a month.
A mix of topics this week, running from operations (status page updates), observability (several posts on open telemetry use cases), plus videos from the recent PackagingCon conference and tools for managing GitHub Action runners.
Maybe you're thinking of skipping over "yet another article about blamelessness"? Don't. This one has some great examples and stories and is well worth a read.
User stories are represented as work items in Azure DevOps, allowing you to manage and track them effectively throughout the development lifecycle. Creating a
DevOps isn't just about software engineering methods and tools, its about results.
This blog covers the step by step guide to setup Observability Stack that contains Prometheus, Grafana & Alert
Patching Linux is easy. Except when you need to patch tens of thousands of servers without downtime. Here's how Meta does it.
Application performance monitoring (or APM) is the practice of taking key application performance indicators to ensure system availability, improve system performance, and improve the end-user experience. This week we announced Amazon CloudWatch Application Signals, a new set of features built-in to Amazon CloudWatch to help you speed up troubleshooting, reduce application disruptions, and operational costs, […]
Circles X uses DORA DevOps best practices to build the first telco-as-a-service in Indonesia, helping partners to launch a digital telco.
In this edition of The Tech Founder Odyssey, Jean Yang of Akita Software advocates for a pragmatic and data-driven approach to shape programming languages and tools in response to real-world developer needs.
Microsoft's new .NET Aspire tool has generated a swell of community interest, particularly in a tool called Aspir8.
Use the newly released Kubernetes API connector and the existing Kubernetes Engine API connector to manage the full lifecycle of Kubernetes.
New features in Filestore, a fully managed, GKE integrated NFS storage service, help support demanding GKE stateful workloads such as AI/ML training.
Several independent software vendors (ISVs) and software as a service (SaaS) providers need to access their customers' Amazon Web Services (AWS) accounts, especially if the SaaS product accesses data from customer environments. SaaS providers have adopted multiple variations of this third-party access scenario. In some cases, the providers ask the customer for an access key […]
I've always loved building things, but when I first began as a software developer, my least favorite part of the job was thinking about security. The security of those first lines of code just didn't seem too important. Only after struggling through security reviews at the end of a project, did I realize that a […]
One of the challenges with distributed systems is that they are made up of many interdependent services, which add a degree of complexity when you are trying to monitor their performance. Determining which services and APIs are experiencing high latencies or degraded availability requires manually putting together telemetry signals. This can result in time and […]
Today, we are announcing an improved Amazon SageMaker Studio experience! The new SageMaker Studio web-based interface loads faster and provides consistent access to your preferred integrated development environment (IDE) and SageMaker resources and tooling, irrespective of your IDE choice. In addition to JupyterLab and RStudio, SageMaker Studio now includes a fully managed Code Editor based […]
Today, I'm happy to share the integrated development environment (IDE) extension for AWS Application Composer. Now you can use AWS Application Composer directly in your IDE to visually build modern applications and iteratively develop your infrastructure as code templates with Amazon CodeWhisperer. Announced as preview at AWS re:Invent 2022 and generally available in March 2023, Application Composer is […]
Today, we are announcing the general availability of myApplications supporting application operations, a new set of capabilities that help you get started with your applications on AWS, operate them with less effort, and move faster at scale. With myApplication in the AWS Management Console, you can more easily manage and monitor the cost, health, security […]
Today, Amazon Inspector adds three new capabilities to increase the realm of possibilities when scanning your workloads for software vulnerabilities: Amazon Inspector introduces a new set of open source plugins and an API allowing you to assess your container images for software vulnerabilities at build time directly from your continuous integration and continuous delivery (CI/CD) […]
AWS Fault Injection Service (FIS) helps you to put chaos engineering into practice at scale. Today we are launching new scenarios that will let you demonstrate that your applications perform as intended if an AWS Availability Zone experiences a full power interruption or connectivity from one AWS region to another is lost. You can use […]
Today we're launching zonal autoshift, a new capability of Amazon Route 53 Application Recovery Controller that you can enable to automatically and safely shift your workload's traffic away from an Availability Zone when AWS identifies a potential failure affecting that Availability Zone and shift it back once the failure is resolved. When deploying resilient applications, […]
SaaS (Software as a Service) platforms are hosted centrally and accessed through the Internet. They are subscription-based, providing users with regular
Mandiant's Earl Matthews pens a guest column on how security validation can help security and business leaders craft a clearer risk profile picture.
Basic fun example of calling the OpenAI API from your python script, with some caveats...
How Nobl9's new reliability AI product, built on Google Cloud, helps make SLOs easier to understand and manage.
Border Gateway Protocol and Generic Routing Encapsulation allow rerouting of traffic to scrubbing centers where harmful data is filtered out.
The OpenTelemetry project contributors are developing a bridge for Go and associated modules.
You can now perform installation and Day 2 operations of Apigee Hybrid with Helm charts.
At Amazon Web Services (AWS), we're committed to providing our customers with continued assurance over the security, availability, confidentiality, and privacy of the AWS control environment. We're proud to deliver the Fall 2023 System and Organizational (SOC) 1, 2, and 3 reports to support your confidence in AWS services. The reports cover the period October […]
As organizations expand their Amazon Web Services (AWS) environment and migrate workloads to the cloud, they find themselves dealing with many AWS Identity and Access Management (IAM) roles and policies. These roles and policies multiply because IAM fills a crucial role in securing and controlling access to AWS resources. Imagine you have a team creating […]
This blog post demonstrates how to help meet your security goals for a containerized process running outside of Amazon Web Services (AWS) as part of a hybrid cloud architecture. Managing credentials for such systems can be challenging, including when a workload needs to access cloud resources. IAM Roles Anywhere lets you exchange static AWS Identity […]
Today we are excited to announce the general availability of SaaS Quick Launch, a new feature in AWS Marketplace that makes it easy and secure to deploy SaaS products. Before SaaS Quick Launch, configuring and launching third-party SaaS products could be time-consuming and costly, especially in certain categories like security and monitoring. Some products require […]
When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of…
This blog post explores how Amazon Q, the generative artificial intelligence (AI) powered assistant from AWS, helps you troubleshoot network-related issues by working with Amazon VPC Reachability Analyzer. These are exciting times for cloud networking! We're a long way from the days of debugging connectivity issues with ping and traceroute. Now we ask questions in […]
Manage network connectivity through categorized VPCs. By carefully considering the connectivity requirements of each application, organizations can strike the right balance between security and flexibility.
Able to process millions of requests-per-second, Amazon S3 Express One Zone promises to hasten data access speeds by 10x over the AWS s3 Standard edition, offering single-digit millisecond latency while reducing request costs by 50%.
Microservices often communicate with each other to fulfill complex business operations, creating security and scaling challenges. Mutual Transport Layer Security (mTLS) can help. Here's how to get started.
The post was co-written by Skylar Graika (Sr Principal Engineer, Smartsheet) Introduction Highly successful companies know that maintaining an accelerated pace of innovation is key to continued growth. They are increasingly looking to modernize their digital backbone of applications and development practices to support faster innovation and improved performance, security, and reliability, while maintaining a […]
Cloud TPUs on GKE offer the scalability, orchestration, and operational benefits of GKE while maintaining the leading price-performance of TPU.
In this post, I will show you how to apply security at multiple layers of a web application hosted on AWS. Apply security at all layers is a design principle of the Security pillar of the AWS Well-Architected Framework. It encourages you to apply security at the network edge, virtual private cloud (VPC), load balancer, […]
One of the cybercrime underground's more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned.
Learn how to safely migrate to new terraform resources for cloud run service v2 without making changes to deployed resources.
Deep learning processes often need to read full datasets, which are usually hundreds of gigabytes in size, before they can perform intelligent data processing. High data retrieval speed and low latency from storage are crucial for enterprises running these performance-critical workloads. Akridata, an AWS independent software vendor (ISV) partner, helps make artificial intelligence (AI)-assisted unstructured-data […]
ChaosSearch is an Amazon S3-native database built on a serverless, stateless compute architecture within AWS that delivers live search, SQL, and Generative AI analytics. At ChaosSearch, the speed and performance of our architecture is important to us and our customers because time to results is the difference between success and failure, and we rely on […]
ClickHouse is a columnar database management system (DBMS) designed for blazing-fast real-time analytics. It was built to address the needs of interactive analytical applications requiring up-to-the-second analytics. To do that, it must support real-time data ingestion at the rate of hundreds of millions of events per second and run complex analytical queries, such as filtering, […]
Machine learning presents a number of new challenges to data teams, calling for technology solutions that can support training and fine-tuning performance-critical workloads with high performance. Data version control is one of the facets of high-performing ML pipelines, as it allows efficient experimentation and full ML pipeline reproducibility at scale. lakeFS by Treeverse, an AWS […]
Organizations are modernizing their data lakes on Amazon Simple Storage Service (Amazon S3) to handle the ever-growing data volume and speed while meeting the demands of analytics, machine learning (ML), artificial intelligence (AI), and generative AI applications. To enable a data-driven culture and remain innovative, the data platform must allow for data-centric collaboration across business […]
With its new Cortex-M52 chip, Arm is enabling AI analysis on small IoT devices at the edge.
As cloud environments—and security risks associated with them—become more complex, it becomes increasingly critical to understand your cloud security posture so that you can quickly and efficiently mitigate security gaps. AWS Security Hub offers close to 300 automated controls that continuously check whether the configuration of your cloud resources aligns with the best practices identified […]
The rapid growth of generative AI brings promising new innovation, and at the same time raises new challenges. At AWS, we are committed to developing AI responsibly while enabling customers to provide assurance regarding the security of their environment to regulators and auditors. AWS Audit Manager announces the first version of AWS best practices framework for generative AI […]
The AWS Well-Architected Tool (WA Tool) helps you define and review workloads based on the latest AWS architectural best practices. This allows you to consistently identify areas of strength and improvement in your workloads. During a Well-Architected review, you answer questions to evaluate your architecture and receive an improvement plan detailing any high or medium […]
Whether you use Terraform or something else to code your EKS cluster configurations, you will have likely run into the following scenario...
Introduction Since their introduction in 2010, tags have been helping Amazon Web Services (AWS) customers identify, organize, and manage their resources by adding referenceable key/value pairs. In this post, we explore how tags can be used to automate the addition and removal of Amazon VPC Lattice resource associations, and cross account resource shares using Amazon […]
When individuals from different backgrounds come together, they bring ideas and insights that lead to better problem-solving and decision-making.
This post is Part 2 of a two-part blog post series that will take you, an application developer, through the process of configuring and developing a data application that authenticates users with Microsoft Entra ID and then uses S3 Access Grants to access data on those users' behalf. Part 1 of this series gave an […]
This is Part 1 of a two-part blog series: Configuring the application. Here is Part 2: Developing the application. When we at AWS talk to our customers about their data lakes, they usually describe a desired access pattern in which users and groups from a corporate directory are granted access to datasets in Amazon Simple […]
Amazon Simple Storage Service (Amazon S3) is the most popular object storage platform for modern data lakes. Organizations today evolved to adopt a lake house architecture that combines the scalability and cost effectiveness of data lakes with the performance and ease-of-use of data warehouses. Likewise, Amazon S3 plays an increasingly important role as the foundational […]
Data is at the center of every machine learning pipeline. Whether pre-training foundation models (FMs), fine-tuning FMs with business-specific data, or serving inference queries, every step of the machine learning lifecycle needs low-cost, high-performance data storage to keep compute resources busy and performing useful work. Customers use Amazon Simple Storage Service (Amazon S3) to store training data […]
Several FinOps related posts this week, along with a case study of moving build systems at scale, a review of the recent KubeCon event in Chicago and new tools for application and CI/CD configuration.
Today, we are happy to announce that AWS CloudTrail Lake data is now available for zero-ETL analysis in Amazon Athena. AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on AWS for audit, security, and compliance purposes. CloudTrail Lake allows you to easily aggregate activity logs […]
AWS Config is a service that tracks configuration changes of AWS resources in your AWS account or across your AWS Organizations. AWS Config uses the configuration recorder to detect changes of your resources and track them as configuration items (CIs). Given the increasing complexity of cloud infrastructure, the number of resource configuration changes being made […]
And that's a wrap on the major announcements from re:Invent 2023! Scroll down to see a recap of all the exciting news from the event. For more ways to experience re:Invent, and to stay in touch with all the news that never stops at AWS, be sure to follow these great resources: AWS News Blog: […]
AWS CloudFormation, an Infrastructure as Code (IaC) service that lets you model, provision, and manage AWS and third-party resources, now supports using Git sync to automatically trigger a deployment whenever a tracked Git repository is updated. This enables developers to significantly speed up the development cycle for CloudFormation by integrating into their Git workflow and […]
The network is not reliable. What are the implications and what can we do about it?
In this blog, we explore Automatic Target Weights (ATW), which can reduce the number of errors users experience when using web applications. ATW provides the ability to detect and mitigate gray failures for targets behind Application Load Balancers (ALB). A gray failure occurs when an ALB target passes active load balancer health checks, making it look healthy, but still returns errors. This scenario could be caused by many things, including application bugs, a dependency failure, intermittent network packet loss, a cold cache on a newly launched target, CPU overload, and more.
In this blog post, we highlight how Elastic Network Adapter (ENA) Express can improve workload performance in conventional network applications, such as databases, file systems, and media encoding. We begin by demonstrating how ENA Express can significantly improve tail latency when used with in-memory databases. From there, we will explore the advantages it offers to […]
A detailed comparison of CPU, RAM, storage and network performance between Kubernetes clusters on virtual machines and bare metal.
AWS Trusted Advisor continuously evaluates your AWS environment using best practice checks in the categories of cost optimization, performance, resilience, security, service limits, and operational excellence and recommends actions to remediate any deviations from AWS best practices in the AWS Well-Architected Framework. AWS Well-Architected Framework is a collection of architectural best practices and guidance to […]
This post was coauthored by Mike Ravkine, Sr. Director at Cognitive Systems Introduction Cognitive Systems Corp., which provides pioneering Wi-Fi sensing technology, WiFi Motion, has redefined how people interact with wireless networks by using existing Wi-Fi signals to transform connected devices into motion sensors. Cognitive System's Wi-Fi Sensing technology constitutes a comprehensive software stack that […]
Introduction Many enterprises rely on AWS to host the entirety of their infrastructure due to the inherent advantages of cloud computing. However, some enterprises operate mission critical workloads from remote areas at an increased risk to lose external network connectivity. For instance, a research facility located in a remote desert, an oil rig in international […]
I hope you have as much fun reading this as I had writing it
It evaluates every code change in the pull request to help developers understand the impact on the code's runtime behavior.
Introduction The rise in popularity of Generative AI (GenAI) reflects a broader shift toward intelligent automation in the business landscape, which enables enterprises to innovate at an unprecedented scale, while adhering to dynamic market demands. While the promise of GenAI is exciting, the initial steps toward its adoption can be overwhelming. This post aims to […]
Your DevOps and Developer Productivity guide to re:Invent 2023 ICYMI – AWS re:Invent is less than a week away! We can't wait to join thousands of builders in person and virtually for another exciting event. Still need to save your spot? You can register here. With so much planned for the DevOps and Developer Productivity […]
The Global Service Accelerator could help commoditize cloud services for API-driven apps, TikTok engineers surmise at KubeCon.
The command line is used by over thirty million engineers to write, build, run, debug, and deploy software. However, despite how critical it is to the software development process, the command line is notoriously hard to use. Its output is terse, its interface is from the 1970s, and it offers no hints about the 'right […]
Introduction In this post, we explain how Amazon EC2 interprets idle timeouts and how to customize this configuration to optimize for your traffic patterns and workloads. We also dive into some common use-cases. Earlier this year, Amazon Elastic Compute Cloud (Amazon EC2) announced the Conntrack Utilization Metric for EC2 instances that offers you the ability […]
If you want to understand what is Observability, its importance, its benefits, and its components, this guide is
Technical posts on new DNS record types and authorization approaches, along with posts on the history of Devops through to how AI is changing software development.
This research paper summary goes into Mode Error and the dangers of adding more features to a system in the form of modes, especially if the system can change modes on its own.
Introduction With Amazon Elastic Kubernetes Service (Amazon EKS) users can modify the configuration of the cluster before and after cluster creation without having to create a new cluster. Before provisioning the cluster, users can define specific parameters like the Kubernetes version, VPC and subnets, and logging preferences. Post-creation, they can dynamically adjust various settings, such […]
Learn about the pros and cons of various architecture choices when building a software as a service (SaaS) platform on Google Kubernetes Engine (GKE).
Google Cloud CISO Phil Venables explains in his latest newsletter why sector-specific information centers are valuable partners for Google Cloud and the industry.
There are a number of settings you need to change and consider when shooting for zero downtime with ingress-nginx
Today, AWS is announcing support for read-only management events in Amazon EventBridge. This feature enables customers to build rich event-driven responses from any action taken on AWS infrastructure to detect security vulnerabilities or identify suspicious activity in near real-time. You can now gain insight into all activity across all your AWS accounts and respond to those events as is appropriate.
This post by Art Baudo – Principal Product Marketing Manager – AWS EC2, and Pranaya Anshu – Product Marketing Manager – AWS EC2 We are just a few weeks away from AWS re:Invent 2023, AWS's biggest cloud computing event of the year. This event will be a great opportunity for you to meet other cloud […]
Amazon CodeCatalyst is an integrated service for software development teams adopting continuous integration and deployment practices into their software development process. CodeCatalyst puts the tools you need all in one place. You can plan work, collaborate on code, and build, test, and deploy applications with continuous integration/continuous delivery (CI/CD) tools. You can also integrate AWS […]
Optimize your VM and network infrastructure scaling using new custom queue features and virtual network cards.
At Google Cloud, we built Regional Persistent Disk with mission- critical workloads in mind. Here's how to use them.
With my configuration tampered with malicious redirect, here is how I fixed and hardened it with CloudFlare to improve WordPress security.
In the evolving cloud-native landscape, enterprises utilizing Amazon Elastic Kubernetes Service (Amazon EKS) often encounter challenges that hinder their pursuit of operational efficiency and cost-effectiveness. Notable among these challenges are the costs associated with Cross Availability Zone (AZ) traffic, with difficulties associated with achieving seamless scalability, hurdles in provisioning right-sized instances for nodes, and intricacies […]
In today's cloud-native landscape, efficient management of event-driven workloads is essential for real-time data processing. Traditional autoscaling often falls short amidst unpredictable event volumes, leading to inefficiencies and increased costs. Amazon Elastic Kubernetes Service (EKS), which is a managed container orchestration platform and is well-suited for deploying container-based applications. By integrating Kubernetes Event-Driven Autoscaling (KEDA) […]
Google Cloud is expanding Assured Workloads with two Japan regions, and introduces a new tool to help analyze migrations for compliance.
Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid out…
The AWS Integrated Application Test Kit is a software library that provides conveniences to help you write automated tests for your cloud applications. This blog post shows some of the features of the initial Python version of the IATK.
Advanced logging controls for Lambda give you greater control over logging. Use advanced logging controls to control your Lambda function's log level and format, allowing you to search, query, and filter logs to troubleshoot issues more effectively.
This post is written by Josh Levinson, AWS Principal Product Manager and Julien Ridoux, AWS Principal Software Engineer Today, we announced that we improved the Amazon Time Sync Service to microsecond-level clock accuracy on supported Amazon EC2 instances. This new capability adds a local reference clock to your EC2 instance and is designed to deliver […]
This post is written by Subham Rakshit, Senior Specialist Solutions Architect, and Ismail Makhlouf, Senior Specialist Solutions Architect. Many organizations use a multi-account strategy for stream processing applications. This involves decomposing the overall architecture into a single producer account and many consumer accounts. Within AWS, in the producer account, you can use Amazon Managed Streaming for […]
Network configuration, diagnostics and general Linux troubleshooting are essential parts of System administration. Even for a developer who
New pipeline automation capabilities in Cloud Deploy enable continuous deployment as well as continuous delivery.
Developers use AWS Step Functions, a visual workflow service to build distributed applications, automate IT and business processes, and orchestrate AWS services with minimal code. Step Functions redrive for Standard Workflows allows you to redrive a failed workflow execution from its point of failure, rather than having to restart the entire workflow. This blog post […]
This post is written by Ahmed Nada, Principal Solutions Architect, Flexible Compute and Kevin OConnor, Principal Product Manager, Amazon EC2 Auto Scaling. Amazon Web Services (AWS) customers around the world trust Amazon EC2 Auto Scaling to provision, scale, and manage Amazon Elastic Compute Cloud (Amazon EC2) capacity for their workloads. Customers have come to rely […]
This post is written by Julian Wood, Principal Developer Advocate, and Dan Fox, Principal Specialist Serverless Solutions Architect. AWS Lambda supports multiple programming languages through the use of runtimes. A Lambda runtime provides a language-specific execution environment, which provides the OS, language support, and additional settings, such as environment variables and certificates that you can access from […]
This post is written by Pascal Vogel, Solutions Architect, and Andrea Amorosi, Senior Solutions Architect. You can now develop AWS Lambda functions using the Node.js 20 runtime. This Node.js version is in active LTS status and ready for general use. To use this new version, specify a runtime parameter value of nodejs20.x when creating or […]
Time-based energy attribute certificates, or T-EACs, show promise for helping decarbonize electricity grids and accelerating a carbon-free future.
A new CPU vulnerability, 'Reptar,' found by Google researchers, has been patched by Google and Intel. Here's what you need to know.
Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three "zero day" vulnerabilities that Microsoft warns are already being exploited in active attacks.
This blog post describes how to implement cross-account sharing for Amazon Route 53 Application Recovery Controller (Route 53 ARC), by using AWS Resource Access Manager (AWS RAM). The post walks through setting up a resource share, highlights the benefits of cross-account sharing, and reviews the factors to consider when you set up resource sharing in […]
To bring the power of AI to more organizations around the world, Google Cloud is expanding its generative AI data residency guarantees for data stored at-rest.
Learn the differences between Google Cloud's Application Load Balancers and Network Load Balancers, and when to use them.
With the improved route tables in the Google Cloud console, you can improve the performance, security, and scalability of your network.
Despite often not having access to other options, a new survey reveals that employees want more software choices, and they want it to be more secure.
We've added two secure enterprise browsing capabilities in Google Chrome to help implement strong, low-overhead data controls in tools already in end-users hands.
Don't leave your marketing data exposed. Discover the top challenges in securing SaaS applications used by marketing teams.
Several posts on the impact of AI on operations, from incident response to infrastructure as code. Lots to look forward to in that space I'd wager. Plus posts on monitoring, the DORA state of devops report and more.
A cardiac surgeon draws lessons from the Tenerife commercial airline disaster and applies them to communication in the operating room.
How I learned to stop worrying about AI and started to use it to help speed up my tech workday instead!
In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian…
When trying to connect to the AWS EKS cluster you might face exec plugin: invalid apiVersion 'client.authentication.k8s.io/v1alpha1' error.
Autoclass automates data placement of objects in Cloud Storage, and is now available for existing Cloud Storage buckets.
As security threats have become more sophisticated and easier to scale, customers increasingly use Amazon CloudFront and AWS WAF together to improve the performance, resiliency, and security of their web applications and APIs. CloudFront is a Content Delivery Network (CDN) that reduces latency by delivering data to viewers anywhere in the world using one of […]
In this blog, we will look at the list of Udacity free courses that you can use to
A pilot study shows how machine learning can be applied at the edge using Docker and a microservices architecture to process video data.
Google Cloud is a founding member of the DAOS Foundation to accelerate investment the open-source DAOS storage stack for HPC and AI/ML workloads.
DALL-E 3 Here's the scenario: Lets say we have a deployment in our kubernetes cluster for pods that do some sort of important processing work. They might be doing something like pulling messages from a queue and then processing uploaded files from your customers. Now if the processing task is…
AWS CodeBuild recently announced that it supports running projects on AWS Lambda. AWS CodeBuild is a fully managed continuous integration (CI) service that allows you to build and test your code without having to manage build servers. This new compute mode enables you to execute your CI process on the same AWS Lambda base images […]
Why the Kubernetes Gateway API is a potent solution for building resilient microservices within a Kubernetes environment.
Learn more about how the Azure ND H100 v5-series offers exceptional throughput and minimal latency for both training and inferencing tasks in the cloud.
The new open-source Accurate Quantization Training (AQT) library provides the software support needed for easy tensor operation quantization in JAX accelerating training and inference.
Cloud TPU v5e, now GA, demonstrated a 2.3X improvement in price-performance compared to the previous-generation TPU v4 for training LLMs.
AssemblyAI found that Cloud TPU v5e offers up to 4x greater price-performance than alternative enterprise-grade accelerators for machine learning (ML) model inference.
We used Multislice Training to run the world's largest LLM distributed training job on a compute cluster of 50,944 Cloud TPU v5e chips.
Enterprises running Kubernetes in production are still struggling to find the balance of flexibility and complexity. Read Spectro Cloud's 2023 report.
The Kubernetes Gateway API simplifies configuration by abstracting away complexities and providing a user-friendly, declarative approach to define routing and traffic policies.
Implementing a secure network in Google Cloud means designing it to use tools like IAM, VPC, and a variety network security services.
GKE Enterprise lets companies easily and securely increase team velocity, and reduce total cost of ownership of their business-critical workloads.
Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today's Part II, we'll examine clues about the real-life identity left…
Synthetic monitoring in Cloud Monitoring tests the availability, consistency, and performance of a web application from a real user's perspective.
Several sets of posts this week on Prometheus and its ecosystem, coming out of the recent PromCon event. Plus discussion of being on-call, a counter-argument for those proposing building a platform and a scattering for other topics, from SBOMs to certificates.
AWS is underselling the performance of their newer instance types by a huge margin - find out by how much!
How a better understanding of resource requests in kubernetes helped us dramatically improve the performance of...
As Kubernetes networking continues to evolve, the Gateway API remains at the forefront, providing a standardized and powerful solution for managing traffic, security, and routing within your clusters.
Learn how to set up four different node pool types with various compute instances to utilize priority based scheduling in gke.
Dell has released its Apex Cloud Platform for Red Hat OpenShift, which is aimed at simplifying the deployment of microservices containers.
One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here's a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people across…
Worried about shadow IT and SaaS security? Wing Security's "Essential SSPM" offers a solution. Discover, Assess, Control.
Powerful new rules in Security Command Center Premium can help customers quickly identify and remediate threats to backup and recovery infrastructure. Here's how.
New Artifact Registry remote and virtual repositories can help customers better manage their application and OS artifacts.
Bouyant has created an enterprise version of Linkerd, which include security tools for implementing zero trust security within Kubernetes clusters as well as for cost optimization and more.
Defender for Cloud is a Microsoft first-party solution that uses the scale of the cloud to identify attacks targeting applications running in Azure App Service. Learn more.
The Multi-cluster Gateway controller for GKE, now GA, uses the Kubernetes Gateway API to help manage ingress traffic to fleets of GKE clusters.
Sharing the latest advancements in improving VM availability monitoring for customers with Project Flash. Learn more.
Incident management, operating ElasticSearch clusters and Argo, tools for API linting and a scattering of other topics this week for your enjoyment.
So I was working on a project that required me to create a custom webhook into a pre-existing service running in our EKS cluster. I needed to use the ingress nginx controller due to needing to create a custom server block for the webhook, and due to the fact that…
My thoughts on where AI trends will take us with regards to web content, SEO, and more.
AWS Systems Manager is a hodgepodge and this post explains the core capabilities and the ones built on top of the core capabilities.
This article walks through the steps of installing Lynis security auditing software on both Ubuntu Server and Rocky Linux 9.
Terraform Cloud's recent pricing model changes to RUM pricing are causing sticker shock for some organizations!
Customers using Amazon CodeWhisperer often want to enable their developers to sign in using existing identity providers (IdP), such as Okta. CodeWhisperer provides support for authentication either through AWS Builder Id or AWS IAM Identity Center. AWS Builder ID is a personal profile for builders. It is designed for individual developers, particularly when working on […]
According to DORA and internal Google research, resilience is the first of five dimensions that drive DevOps and software delivery success.
Amazon CodeWhisperer is an AI coding companion that helps improve developer productivity by offering contextualized code snippets, or suggestions, generated based on coding context and natural language prompts to help developers build software quickly, responsibly, and securely. For enterprise customers, CodeWhisperer offers a Professional tier that adds administrative features, like SSO and IAM Identity Center […]
Learn how to deploy the cross-region internal application load balancer. This offers feature rich capabilities including, geo-routing, managed certificate support, multi-regional traffic distribution and failover. Build and explore.
David Eastman hosts a tech edition of Antiques Roadshow, by looking back at the pre-containers (even pre-Chef!) software tool Capistrano.
DALL-E 3 I've been working from home since long before the pandemic. It's been almost 10 years of partial 'wfh' and 6 years of full time 'wfh' for me, and frankly I don't see it ever changing on my end, without threats of physical violence or bags of money. Some…
The Honomoana and Tabua subsea cables will connect Fiji and French Polynesia to the United States and Australia.
The Moby Project is an open source project that spun off from Docker. Three major releases are planned for this year.
When it moved its banking apps to Google Cloud, NCR Voyix's SRE team benefitted from replacing third-party tools with Cloud Logging and Log Analytics.
Introduction The Rust programming language was created by Mozilla Research in 2010 to be "a programming language empowering everyone to build reliable and efficient(fast) software"[1]. If you are a beginner level SDE or DevOps engineer or decision maker in your organization looking to adopt Rust for your specific use, you will find this blog helpful […]
Posts on chaos engineering for security, DORA metrics for incident management and vulnerability management for containers this week, along with tools from API Gateways to AI-based developer assistants.
AWS CodeDeploy is a fully managed deployment service that automates software deployments to various compute services, such as Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Container Service (ECS), AWS Lambda, and on-premises servers. AWS CodeDeploy recently announced support for deploying to applications that use multiple AWS Elastic Load Balancers (ELB). CodeDeploy now supports multiple […]
At this year's OCP Global Summit, Microsoft will share our latest contributions to supercomputing architecture and hardware. Learn more.
Today, Amazon Web Services (AWS) announced the launch of the AWS Well-Architected Framework DevOps Guidance. The AWS DevOps Guidance introduces the AWS DevOps Sagas—a collection of modern capabilities that together form a comprehensive approach to designing, developing, securing, and efficiently operating software at cloud scale. Taking the learnings from Amazon's own transformation journey and our […]
Cilium taps eBPF for hooks for extending runtime observability, security, and networking capabilities across various deployment environments.
The growth in DevSecOps usage has increased job opportunities. Could one be for you?
The new GCVE Protected offers bundled pricing for both Google Cloud VMware Engine and Google Cloud's Backup & DR Service.
We are excited to announce the preview of Microsoft Playwright Testing, an end-to-end scalable service for running Playwright tests. Learn more
Google is expanding our use of demand response technology to temporarily reduce power consumption at our data centers to help local grids as needed.
Here's a a line I liked from episode 461 of Todd Conklin's PreAccident Investigation Podcast. At around the 8:25 mark, Conklin says: ….accidents, in fact, aren't preventable…
Back in August, The New York Times ran a profile of Morris Chang, the founder of TSMC. It's hard to overstate the role that this Taiwan-based semiconductor company plays in the industry. If y…
A new guide helps you research and select the Google Cloud storage services that best match your specific workload needs.
The Nuvem submarine cable will connect Portugal, Bermuda and South Carolina, and will be Bermuda's first transatlantic fiber optic route.
In addition to Control Tower, Landing Zone Accelerator (LZA) is another option to orchestrate a Landing Zone on AWS. This post discusses LZA.
Take full advantage of Open-source, analytics in the cloud and vault into the age of AI with HDInsight on AKS. Learn more.
We issued an update on the status of Google Cloud regions in Sweden, Saudi Arabia, New Zealand, Norway, Mexico, and Greece.
Learn how to use change streams for Bigtable and how to incorporate change data capture into your system design.
Google and NEC are collaborating to adopt multi-core fiber (MCF) technology for the first time in the submarine cable industry.
Learn more on how Azure Space Data creates ubiquitous connectivity, resiliency, and global insights at scale
Good technical writing can have enormous influence. In my last blog post, I wrote about how technical reports written by management consultants can be used to support implementing a change program …
The management consulting firm McKinsey & Company recently posted a blog post titled Yes, you can measure software developer productivity. The post prompted a lot of responses, such as Kent Bec…
Upgrade to App Service Environment v3 before the previous versions reach end-of-life in August 2024 and learn of the many technical resources and benefits that can help you plan the migration right away.
When you deploy a service into production, you need to configure it with enough resources (e.g., CPU, memory) so that it can handle the volume of requests you expect it to receive. You'll wan…
In 1984, the late sociologist Charles Perrow published the book: Normal Accidents: Living with High-Risk Technologies. In this book, he proposed a theory that accidents were unavoidable in systems …
Brian Marick recently interviewed me about resilience engineering on his Oddly Influenced podcast. I'm pretty happy with how it turned out.
There are two approaches to doing post-incident analysis: the (traditional) root cause analysis (RCA) perspective the (more recent) learning from incidents (LFI) perspective In the RCA perspective,…
We can orchestrate landing zone in AWS using different tools. This post discusses control tower as an option to orchestrate landing zone.
This "Planternetes" release can keep service mesh containers running when the pod goes offline. Also in the box: Better support for DNS and more allowable time between necessary upgrades.
I was shocked to find this article on ReadWrite: The Truth About DevOps: IT Isn't Dead; It's not even Dying. Wait a second, do people really think this?
As DevOps adoption picks up pace, the signs are everywhere. Infrastructure as code once a backwater concept, and a hoped-for ideal, has become an essential to
I was having a conversation with a colleague recently. We were discussing DevOps, and the topic of Ansible came up as I was advocating it as a great tool to
You want to make your wordpress site bulletproof? No server outage worries? Want to make it faster & more reliable. And also host on cheaper components?
I was recently talking with a colleague of mine about where AWS is today. Obviously, these companies are migrating to EC2 & the cloud rapidly. The growth
First things first. This is not meant to be a beef against developers. But let's not ignore the elephant in the living room which is the divide between
Larry Summers, Director of the White House's National Economic Council coined the phrase "preserving optionality" back when he was deputy secretary of the
In the dynamic realm of software development and operations, where collaboration and alignment are paramount, there exists a four-letter word that has the
To go cloud native, telcos nee a way to decouple and abstract their workloads from the hardware details. eBPF can provide improved performance, simplified operations, and complete visibility.
We are excited to announce the general availability of Azure Blob Storage Cold Tier in all public and Azure Government regions. Learn more.
How to install Samba and configure it such that it can be used for sharing files to your network from a Linux server.
Options to authenticate kubectl to OIDC kube-apiserver using vanilla Kubernetes, Azure AKS, ROSA and EKS using OIDC
Achieve incredible innovations with the breadth and depth of cloud capabilities by Microsoft Azure. Learn more.
This post covers OIDC's classic flow - the authorization code flow and other flows for different architectures, as well as OIDC proxy.
Azure Managed Lustre delivers the time-tested Lustre file system as a first party managed service on Azure. Long time users of Lustre on-premises can now leverage the benefits of a complete HPC solution, including compute and high performance storage, delivered on Azure.
Consumer expectations for flawless digital experiences continue to rise, so companies must optimize their on-premises customer-facing technology.
AKS—network observability. This feature equips AKS users with powerful capabilities to gain enhanced visibility into their container network traffic.
Existential Comics is an extremely nerdy webcomic about philosophers, written and drawn by Corey Mohler, a software engineer(!). My favorite Existential Comics strip is titled Is a Hotdog a Sandwic…
The Microsoft Cloud Skills Challenge is aimed at helping individuals develop proficiency in the most in-demand skills in the tech industry. Learn more.
We are thrilled to announce the general availability of Azure CNI powered by Cilium.
This innovative solution provides seamless integration of borehole data into petrophysical and geological models, enabling users to view, filter, and deliver data to the OSDU Data Platform with ease. Learn more.
Web framework usage declined, but React still rules. Also, Vercel's AI plans, Netlify's unified data layer and Google's script editor tool.
With the general availability of Azure HBv4 and HX series virtual machines today, Microsoft has integrated the latest 4th Gen AMD EPYC processors with AMD 3D V-Cache technology.
Datadog, an Azure Native ISV Service that brings the power of Datadog's observability capabilities to Azure allows you to monitor and diagnose issues with your Azure resources by automatically sending logs and metrics to your Datadog organization.
Utilize the power of Virtual WAN routing to simplify connectivity with secure hubs in Azure Virtual WAN.
Generate and stream high-quality graphics for a high-performance, interactive gaming experience hosted in Azure, with NGads V620-series virtual machines.
One way to alleviate the pain of drift in your Amazon Web Services (AWS) workloads is to use a GitOps workflow to automate Amazon Machine Image (AMI) builds with AWS CodePipeline. In this post, we show you how to deploy a continuous integration and continuous delivery (CI/CD) pipeline, managed by CodePipeline, to build AMIs.
The partnership between Microsoft and SAP has enabled customers to accelerate their business transformation, improve resilience, minimize downtime, and prepare for more rapid growth.
Today, we are excited to announce the preview of Azure Container Storage, the industry's first platform-managed container native storage service in the public cloud, providing end to end storage management and orchestration for stateful applications to run efficiently at scale on Azure.
Network security policies are a critical component of modern IT environments, especially with the increasing adoption of cloud workloads. As workloads
We are rebranding Developer Velocity Lab to Developer Experience Lab to improve developer experiences. Learn more.
In this blog we will talk about how SAP ECS uses Azure Files NFS shares as part of their default deployment and we'll also announce some of the big NFS feature we've been working over the past year including: new 99.99 percent SLA, snapshot support, and nconnect.
I had the opportunity to participate in this year's Open Confidential Computing Conference (OC3), hosted by our software partner, Edgeless Systems. The panel featured some of the industry's most respected technology leaders. Learn more.
Today we are excited to announce the preview of Palo Alto Networks Cloud Next Generation Firewall (NGFW) for Azure, available as a software as a service (SaaS) offering in Azure Virtual WAN.
This post presents recommendations and best practices when migrating your existing VPCs from Amazon Virtual Private Cloud (VPC) Peering to AWS Transit Gateway. It includes a migration walkthrough and considerations that you can address to improve your odds of a seamless migration. This post also details common networking testing and bench-marking tools such as iPerf […]
In this blog, you will learn about each global traffic distribution solution Azure offers, and which solution is the best one for your internet-facing cloud architecture. Currently, Azure offers different options for distributing global traffic. Learn more.
We see many businesses make significant shifts towards cloud computing in the last decade. The Microsoft Azure public cloud offers many benefits to companies, such as increased flexibility, scalability, and availability of resources.
Isovalent Cilium Enterprise on Azure is a powerful tool for securing and managing Kubernetes' workloads on Azure. Isovalent Cilium Enterprise's range of advanced features and easy-to-deploy ability makes it an ideal solution for organizations of all sizes looking to secure their cloud-native applications. Learn more.
For this episode of Inside Azure for IT, we're bringing you three discussions about cloud strategies that can help you not only successfully navigate some of today's uncertainties, but also build agility and increase efficiency while you move ahead. Learn more.
Open source enthusiasts who once scrutinized the Linkerd service mesh are slowly being replaced by corporate clients with more specific needs, Buoyant CEO explains.
A look at the process to get insight into supported system calls and features and to assess how secure a system is and its runtime activity.
Microsoft Azure Firewall now offers new logging and metric enhancements designed to increase visibility and provide more insights into traffic.
Learn how to manage credentials with many accounts, automate IAM credential reports, and consolidate the results.
Organizations today use many ways to drive traffic to their websites and applications. This is important for new feature launches, marketing campaigns, advertising, and so on. One common approach uses HTTP/S redirects, where you send a user from one domain, or Uniform Resource Locator (URL), to another. Redirects are incredibly useful tools when moving websites, […]
AWS Cloud WAN helps you build a unified network that connects your cloud and on-premises environments. To help secure these networks, organizations use next-generation firewalls (NGFW) and intrusion prevention systems (IPS) as part of a defense in depth strategy. In this post, we describe architectural patterns for centrally managing and inspecting outbound network traffic from […]
Many types of organizations encounter DDOS attacks daily. DDoS, or Distributed Denial of Service, is an attack pattern that generates fake traffic to overwhelm organisation's properties (websites, APIs, applications, etc.) and make it unavailable to legitimate users. They majority of these attacks involve a huge burst of fake traffic that exhausts the application's resources (Memory […]
As an AWS customer, you might often want to understand the performance of the AWS Global Network. Visibility into how the AWS Global Network is performing at any given time can help you plan expansions into new AWS Regions and Availability Zones (AZs), as well as streamline troubleshooting of performance-related incidents. Today, I'm happy to […]
When we wrote the previous post (Visitor Prioritization on e-Commerce Websites with CloudFront and Lambda@Edge) five years ago, Visitor Prioritization was a relatively new concept. Since then, we saw a huge need for traffic shaping, throttling, and request prioritizing, especially in the gaming and media industries. Of course, e-Commerce sites still require this capability for […]
Discover a solution for automating Amazon EKS cluster prework using a sample AWS CloudFormation template. We combine this template with a Kubernetes cluster created with the Modular and Scalable Amazon EKS Architecture on AWS solution.
Load balancers are a critical component in the architecture of distributed software services. AWS Elastic Load Balancing (ELB) provides highly performant automatic distribution for any scale of incoming traffic across many compute targets (Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Container Service (Amazon ECS), AWS Lambda, etc.), while enabling developers to adopt security best practices […]
Many of our customers take a "defense in depth" approach to secure workloads within their Amazon Virtual Private Clouds (Amazon VPC). Using domain list rules in AWS Network Firewall and Amazon Route 53 Resolver DNS Firewall lets you enforce network security controls at multiple layers based on domain names. Although both DNS Firewall and Network […]
This post provides a solution to enhance the Amazon CloudFront origin security of on-premises web servers by automating the AWS IP prefix update process for some network firewalls. CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds—all within […]
In part 1 of this blog-post series, we walked you through steps to configure Amazon OpenSearch Service to receive logs from AWS Network Firewall using Amazon Kinesis Data Firehose. In this part 2, we cover steps to generate test alerts, validating them and configure dashboards in Amazon OpenSearch Service to visualize and analyze log data. […]
Azure VMware Solution is a fully managed service in Azure that customers can use to extend their on-premises VMware workloads more seamlessly to the cloud, while maintaining their existing skills and operational processes. Learn more.
During the last two years navigating changing economic climates and a global pandemic that shifted the way we work, we've learned that teams can continue to collaborate together productively and effectively in remote and hybrid settings. A recent Microsoft study shows that hybrid work works.
High-performance computing and orbital data deliver unprecedented insights into weather patterns, improving planning, forecasting, and decision-making, in an ever-evolving agriculture supply chain.
Learn how to reduce the use of managing secret and access keys and quickly deploy all the resources. Use version control to track all changes and enable better control in a multiaccount infrastructure.
Today we are excited to announce the public preview availability of Microsoft Azure Managed Lustre, a new addition to the Azure HPC + AI storage family of products.
Learn how to integrate Checkov into CodePipeline with fully automated pre-deployment compliance checks of your Terraform scripts, including built-in notifications. Our solution provides an end-to-end, automated CI/CD pipeline that allows you to stay compliant with AWS best-practices with minimal operational overhead.
Today we're pleased to announce the general availability of Azure Red Hat OpenShift on Microsoft Azure Government, combining world-class Azure infrastructure with a leading enterprise Kubernetes platform.
Azure High-Performance Computing provides a platform for energy industry innovation at scale.
We are announcing the general availability of Azure Load Testing, a fully managed load-testing service.
Learn to use CloudFormation custom resources in multistack AWS Cloud Development Kit (AWS CDK) applications to read parameters across AWS Regions.
Why pay for a dev tool if you can deploy a free alternative? As we'll illustrate here, the free-IDP approach costs way more than you think.
So you've hired a senior developer. Now they should start doing their magic, right? But it's not so simple, and it can all end up surprisingly disappointing.
CLX is a personalized and self-paced journey that culminates in a certificate of completion—allowing you to maximize learning while minimizing time invested.
Microsoft announces strategic partnership with Isovalent to bring Cilium's eBPF-powered networking data plane and enhanced features for Kubernetes and cloud-native infrastructure.
Create an ephemeral Amazon FSx for Lustre file system that's active on an as-needed basis, allowing you to pay for services only when the system is used. With the file system running only when needed, you can still benefit from a powerful system with fast processing speeds without the high costs associated with a continuously running implementation.
These acronyms represent ways to quantify your commitments to system uptime and measure how successfully your site reliability engineering team is meeting them.
Our team has been busy bringing you a reliable, scalable, and secure monitoring service with Azure Monitor.
Have you created permission sets and assigned them to AWS Identity and Access Management (IAM) groups in AWS Organizations? Have you used existing corporate identities with AWS IAM Identity Center (successor to AWS Single Sign-On) to grant Active Directory groups access to AWS accounts and applications? Save time and minimize errors by managing permission sets automatically with a continuous integration and continuous deployment (CI/CD) pipeline built with AWS developer tools.
Are your infrastructure as code (IaC) Terraform deployments on the Amazon Web Services (AWS) Cloud protected against drift? IaC drift, which can leave your data and resources exposed to security risks, is especially difficult to track down and remove in an environment that spans multiple AWS accounts and AWS Regions. You can do it though, and in this post we show you how.
We're excited to announce that Microsoft has joined the Eclipse Foundation Jakarta EE and MicroProfile Working Groups as an Enterprise and Corporate member, respectively. Our goal is to help advance these technologies to deliver better outcomes for our Java customers and the broader community.
Microsoft was founded as a developer tools company, and developers remain at the very center of our mission. Today, we have the most used and beloved developer tools with Visual Studio, .NET, and GitHub. We offer a trusted and comprehensive platform to build amazing apps and solutions that help enable people and organizations across the planet to achieve more.
Welcome to Microsoft Ignite. I'm thrilled to share how Microsoft is empowering you to innovate with cloud-native and open source on Azure. The growth of Kubernetes and cloud-native applications in Azure and the broader technology has been nothing short of humbling and awe-inspiring. Open innovation is at the heart of nearly every innovation in cloud computing. The cloud-native ecosystem empowers people to build applications that make it easy to take advantage of this innovation.
Transmitting data from one organization to another is a technical problem that has been solved in innumerable ways. What is different about this project? The Eclipse Dataspace Connector (EDC) is a European open source project made up of components that enable multicloud, policy-based, federated data sharing based on European data sovereignty principles.
We are excited to announce the general availability of Azure Files support for authentication with on-premises Active Directory Domain Services (AD DS) today.
Continuing our Azure reliability series to be as transparent as possible about key initiatives underway to keep improving availability, today we turn our attention to Azure Active Directory
Questions about the security of and control over customer data, and where it resides, are on the minds of cloud customers today. We're hearing you, and in response, we published a whitepaper that gives clear answers and guidance into the security, data residency, data flows, and compliance aspects of Microsoft Azure.
Ansible 2.6 was recently released and I am excited to share with you what's new for Azure in Ansible 2.6. In total, four new Azure modules were added in addition to over 17 enhancements to our existing modules.
Today, we're releasing our next update to Workbench, which we're calling version 1.2.0. You can either deploy a new instance of Workbench through the Azure portal or upgrade your existing deployment to 1.2.0 using our upgrade script.
We are pleased to announce that Azure Active Directory is integrated with Spring Security to secure your Java web applications.
Blockchain is increasingly prevalent as a topic of interest in our conversations with business leaders. A growing number of our customers and partners are experimenting with the technology as a…
Secured and lifecycle-managed device identity should just be another component of the IoT developers standard toolbox. Microsoft in collaboration with secure silicon partners is making this a reality.
Announcing public preview of access token for Azure AD B2C. Acquire an access token and use it to call a web api.