With containerization on the rise as cloud adoption soars, find out about the security features associated with Linux containers
Posts tagged "Security"
Most Email Security Approaches Fail to Block Common Threats
A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.
Threatpost
Security update live blog
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $ 10.99/£10.99.
Nordsec adds encrypted cloud storage for business offer
Just days after it announced that it had received investments of $ 100 million, Nordsec, the holding company for the popular NordVPN, has added yet another product to its portfolio. Nordlocker for business is its second product that targets the multi-billion dollar enterprise security market. After NordLayer, NordLocker is a secure cloud storage service that competes with the likes of Wasabi.
“We introduced NordLocker as a robust file encryption tool in 2019. Since then, the product has undergone a few solid development phases and is now positioned as an end-to-end encrypted cloud storage option with a file encryption solution,” says Aivaras Vencevicius, head of product at NordLocker. “It was only natural for us to move forward and launch an encrypted cloud service for business clients to offer a secure, convenient, and cost-effective way to store and manage their data.”
Security update live blog
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $ 10.99/£10.99.
Nordsec adds encrypted cloud storage for business offer
Just days after it announced that it had received investments of $ 100 million, Nordsec, the holding company for the popular NordVPN, has added yet another product to its portfolio. Nordlocker for business is its second product that targets the multi-billion dollar enterprise security market. After NordLayer, NordLocker is a secure cloud storage service that competes with the likes of Wasabi.
“We introduced NordLocker as a robust file encryption tool in 2019. Since then, the product has undergone a few solid development phases and is now positioned as an end-to-end encrypted cloud storage option with a file encryption solution,” says Aivaras Vencevicius, head of product at NordLocker. “It was only natural for us to move forward and launch an encrypted cloud service for business clients to offer a secure, convenient, and cost-effective way to store and manage their data.”
Microsoft launches special Office 365 bundle for maximum security
Microsoft has announced it will launch a new version of its Office 365 productivity bundle, designed specifically for government and intelligence agencies.
The tailor-made collaboration suite, called Office 365 Government Secret, is currently pending accreditation and should be available by mid-2022.
Announcing the news in a blog post, Microsoft CVP Paul Lorimer noted that today’s governments face many challenges, “including increasing employee engagement and productivity with the latest tools, securing and controlling sensitive data, and managing multiple applications, devices, and workloads”.
Add in a heightened demand for security and you end up with a major market in need of “secure, productive, and efficient cloud options”.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.
Supporting government agencies
Office 365 Government Secret is built to support the US Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and US government partners working within the Secret enclave, Lorimer added.
“With the launch of this new environment supporting Impact Level 6 (IL6), we’re adding to the comprehensive set of Office 365 Government cloud offerings to help meet the full spectrum of government data needs.”
This new productivity suite will run the latest enterprise-grade Office 365 Government productivity, security, compliance, and collaboration applications, it was added.
This is not the first time Microsoft has built custom solutions exclusively for government agencies. In August last year, the company announced the general availability of Azure Government Secret and Top Secret clouds.
Launched with more than 60 initial services (with more in the pipeline), the product was built to “accelerate the delivery of national security workloads classified at the US Top Secret level”. Microsoft also has more than 73 services under Azure Government Secret.
Those that plan to deploy Office 365 Secret environment should engage with their onboarding teams, the company said, in order to be ready when the final authorization is given.
- Check out our list of the best office software right now
Critical Sophos Security Bug Allows RCE on Firewalls
The security vendor’s appliance suffers from an authentication-bypass issue.
Threatpost
Top 3 Attack Trends in API Security – Podcast
Bots & automated attacks have exploded, with attackers and developers alike in love with APIs, according to a new Cequence Security report. Hacker-in-residence Jason Kent explains the latest.
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old “security by obscurity” ways.
Threatpost
GitHub wants to help developers spot security issues before they get too serious
In an effort to further secure open source software, GitHub has announced that the GitHub Advisory Database is now open to community contributions.
While the company has its own teams of security researchers that carefully review all changes and help keep security advisories up to date, community members often have additional insights and intelligence on CVEs but lack a place to share this knowledge.
This is why GitHub is publishing the full contents of its Advisory Database to a new public repository to make it easier for the community to leverage this data. At the same time, the company has built a new user interface for security researchers, academics and enthusiasts to make contributions.
All of the data in the GitHub Advisory Database is licensed under a Creative Commons license and has been since the database was first created to ensure that it remains free and usable by the community.
Contributing to a security advisory
In order to provide a community contribution to a security advisory, GitHub users first need to navigate to the advisory they wish to contribute to and submit their research through the “suggest improvements for this vulnerability” workflow. Here they can suggest changes or provide more context on packages, affected versions, impacted ecosystems and more.
The form will then walk users through opening a pull request that details their suggested changes. Once this done, security researchers from the GitHub Security Lab as well as the maintainer of the project who filed the CVE will be able to review the request. Contributors will also get public credit on their GitHub profile once their contribution has been merged.
In an attempt to further interoperability, advisories in the GitHub Advisory Database repository use the Open Source Vulnerabilities (OSV) format. Software engineer for Google's Open Source Security Team, Oliver Chang provided further details on the OSV format in a blog post, saying:
“In order for vulnerability management in open source to scale, security advisories need to be broadly accessible and easily contributed to by all. OSV provides that capability.”
We'll likely more on this change to the GitHub Advisory Database once security researchers, academics and enthusiasts begin making their own contributions to the company's database.
- We’ve also highlighted the best endpoint protection software
Kill Cloud Risk: Get Everybody to Stop Fighting Over App Security – Podcast
When it comes to ensuring safe cloud app rollouts, there’s flat-out animosity between business shareholders. HackerOne’s Alex Rice and GitLab’s Johnathan Hunt share tips on quashing all the squabbling.
Threatpost