Captain's Log, Stardate 2021.06.25


Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack.


Alert Overload Distressing 70% of SecOps Teams | Infosecurity
Over half (51%) said their team is being overwhelmed by the volume of alerts and 55% admitted that they aren’t confident in their ability to prioritize and respond to them. On average, respondents said they’re spending over a quarter (27%) of their time dealing with false positives. Read the full story...

How Hackers Used Slack to Break into EA Games | Vice

The group of hackers who stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token. The group stole the source code for FIFA 21 and related matchmaking tools, as well as the source code for the Frostbite engine that powers games like Battlefield and other internal game development tools. Read the full story...

Airspeeder wants to make electric flying racing cars a reality in 2021 | TechCrunch
While much of the eVTOL industry has its sights set on urban air taxis or cargo transportation, entrepreneur Matthew Pearson had another idea: electric flying race cars. So in 2019, he founded two companies, Alauda Aeronautics to manufacture the aircraft and Airspeeder, an international series to race them. Now, Airspeeder says it has completed the first test flights of the debut electric flying race car and is poised to host the inaugural race of its EXA series this year. Read the full story...

Google SLSA, Linux Foundation Drops SBOM for Supply Chain Security Boost | sdxcentral
Google and the Linux Foundation separately debuted new tools to improve supply chain security, with a specific focus on open source software, as federal agencies work on software-related standards and guidelines called for in President Biden’s recent cybersecurity executive order. Google launched Supply chain Levels for Software Artifacts or SLSA, pronounced “salsa.” The Linux Foundation rolled out software bill of materials (SBOM) tools and training as it pushes its open source Software Package Data Exchange (SPDX) project. Read the full story...

Solving for Endpoint Compliance in a Cloud-First Landscape | JupiterOne

Before I became a Security Engineer at JupiterOne, I was the sole security automation and cloud compliance engineer at LifeOmic. We built the JupiterOne platform to support the needs we had at LifeOmic, eventually spinning off as our own company. We went all-in on AWS services, delivering most of our applications on serverless technology stacks. We leveraged SaaS services whenever we could and federated identity and access to these services via Okta. We had almost zero on-premises technology footprint. Read the full story...




Posted By Mark Miller

Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain.

Mark actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne.

As well, Mark is Executive Producer of the DevSecOps Podcast Series (300K+ listens), and the Executive Editor of the LinkedIn DevOps Group (124K+ members).


