Captain's Log, Stardate 2021.04.16


Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack.


Sabotage at Iranian Nuclear Plant Was Likely Meant to Permanently Damage Centrifuges | Zero Day
Kim Zetter, investigative journalist and author of Countdown to Zero Day, has started her own site, Zero Day. It is worth following if you're interested in in-depth coverage of cyber events through long-form journalism. Highly recommended.

Security Bug Allows Attackers to Brick Kubernetes Clusters | Threat Post
A vulnerability in one of the Go libraries that Kubernetes is based on could lead to denial of service (DoS) for the CRI-O and Podman container engines. Tara Seals covers the story in Threat Post, along with commentary on the announcement from Palo Alto Networks.

Pandemic Pushes Bot Operators to Redirect Efforts | DARKReading
Robert Lemos has an interesting observation when it comes to bot activity during the pandemic. The focus of bot creators has moved from travel, lodging and concerts to ecommerce, healthcare and government sites. As an example, he points out that "bots account for 35% of the traffic to healthcare sites". 

3 Key Cybersecurity Trends To Know For 2021 | Forbes
Expanded cyber attack surface, ransomware as a cyber weapon of choice, threats against critical infrastructure... Chuck Brooks outlines major concerns for the coming year (and beyond). As he states in the article, "The most important tasks based on analyzing trends is to be have a mitigation strategy, be vigilant, try to fill gaps, and learn from lessons of the recent cyber-breaches."

Two Truths And A Lie About Cloud Security | JupiterOne
Cloud technology saved many businesses from catastrophe during this past year, but it’s also introduced additional challenges to security, compliance, and governance practices. Ashleigh Lee covers the cloud security skills gap, technology sprawl, and the myth behind "compromise is mandatory".

 


Posted By Mark Miller

Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain.

Mark actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne.

As well, Mark is Executive Producer of the DevSecOps Podcast Series (300K+ listens), and the Executive Editor of the LinkedIn DevOps Group (124K+ members).
