Boosting Suricata with Next Gen Deep Packet Inspection

Intrusion Detection / Intrusion Prevention Systems (IDS/IPS) play an essential role in cybersecurity by detecting and blocking threats that have penetrated endpoint and perimeter defenses.
Open-source Suricata is one of the most widely deployed IDS/IPS, developed and maintained by the Open Information Security Foundation (OISF), a community-run non-profit foundation. It is used by enterprises and public organizations to protect networks, by consultants to provide cybersecurity services, and by vendors who build more comprehensive commercial cybersecurity solutions on top of Suricata.


Cybersecurity in Telehealth: Protecting Your Information as a Patient

The use of telehealth has grown by leaps and bounds since the arrival of COVID-19. The pandemic made many in the medical profession realize that not everyone has the ability to leave their home to get quality care. The good news is that the tech has evolved greatly during this time, and now you can do just about everything from discussing symptoms to getting a prescription filled over the computer.
However, as with anything digital, there is a risk of cybercrime. Hackers can breach telehealth platforms and listen in on your conversations or steal the information that you input during the consultation. As a patient, it is your right to be protected, so we have some advice about your rights and how to be smart when accessing telehealth platforms.


Security and Observability for Cloud Native Platforms Part 3

Monitoring and observability are essential for Kubernetes runtime security, i.e., protection of containers (or pods) against active threats once the containers are running.
Monitoring is a predefined set of measurements in a system that are used to detect deviations from a normal range. Kubernetes can monitor a variety of data types (Pod logs, network flow logs, application flow logs and audit logs) and metrics (connections per second, packets per second, application requests per second, and CPU and memory utilization). These logs and metrics are used to identify known failures and to provide the detailed information needed to resolve the issue.


The Complete Guide to Data Security for Omnichannel Retailers

The retail sector is rapidly digitizing. As consumers push for seamless online experiences, many retailers have embraced an omnichannel approach to marketing and sales. Retailers are considered omnichannel when they combine several different methods of shopping, such as an online shop, a physical store and accepting phone sales. While this shift has many business advantages, data security for omnichannel retailers often falls short, and retail cyberattacks are growing.
Omnichannel strategies aim to provide a consistent experience across in-store, social media and online shop interactions on all devices. Businesses employing them retain 89% of their customers, so omnichannel is quickly becoming the norm. However, the cybersecurity challenges of these strategies become more concerning as retail data security issues rise.


Security and Observability for Cloud Native Platforms Part 2

There are several possible routes to attacking a containerized deployment, and one way to map them is to think of the potential attack vectors at each stage of a container’s life cycle.
The life cycle starts with the application code written by a developer. This code, as well as the third-party dependencies on which it relies, may contain flaws known as vulnerabilities. Thousands of vulnerabilities have been published, and if they exist in an application, an attacker may be able to exploit them. Examples of vulnerabilities are secret exposure and application traffic (including CNF microservice traffic) sent in plain text, which can be intercepted and altered.


The CFO and Cybersecurity – An Essential Partnership

It’s time the CFO got involved in cybersecurity. Remote working has opened vast possibilities for cyber-attackers to access financial data and processes, spreading risk factors well beyond the borders of the IT department.
These days, thanks to the global pandemic, everything can be done on the internet, and is.


Security and Observability for Cloud Native Platforms Part 1

This article comprises three parts. We first introduce what a cloud native platform is with a deep dive into Kubernetes (K8s), which is the most popular open-source solution to container orchestration. Then, we discuss the threat landscape and overall security framework for mitigating the corresponding risks. The last part of the article focuses on monitoring and observability using the extended Berkeley Packet Filter (eBPF) technology.


The History of Hacking Part 2

So, we are at the second part of the history of hacking. If you missed the first part, you can find the article right here on Cybersecurity Magazine. Last time we looked at the Legion of Doom (LoD), and we'll stick with them here at the start, because in the early nineties what became known as the hacker wars were raging! These wars were fought between members of the LoD and members of the Masters of Deception (MoD). This time it is about the story from the '90s until 2010.
