Security News

Sysdig announced intent to acquire Apolicy to shift security further left and expand the Sysdig offering to include Infrastructure as code security. Checking for security as configurations are defined 'shifts security further left,' allowing teams to identify and resolve issues before infrastructure is deployed.

The US is offering a $10m reward to anyone who dobs in digital outlaws responsible for foreign government-backed cyberattacks on critical national infrastructure such as pipelines, power grids, and communication networks. The cash incentive is part of the US State Department's Rewards for Justice programme and the ongoing war on cybercrime that has in recent months crippled fuel pipelines and meat production.

Sunlight launches its Sunlight Infrastructure Manager and Marketplace to make it simple to deploy and manage infrastructure and applications in highly distributed Edge environments as well as in the Cloud - enabling true Edge 'Software as a Service' models. The SIM joins Sunlight's NexVisor HCI to provide a complete software-defined Edge computing stack at a fifth of the cost of trying to deploy the leading data center hyperconverged solution at the Edge.

Cyber incidents continue to rise, ransomware accounts for nearly two-thirds of all malware attacks, and more cybercriminals are customizing malware for attacks on virtual infrastructure, Positive Technologies finds. According to the research, the number of attacks increased by 17% compared to Q1 2020, with 77% being targeted attacks, and incidents with individuals accounting for 12% of the total.

Spending on compute and storage infrastructure products for cloud infrastructure, including dedicated and shared environments, increased 12.5% year over year in the first quarter of 2021 to $15.1 billion, according to IDC. Investments in non-cloud infrastructure increased 6.3% year over year in 1Q21 to $13.5 billion. Shared cloud infrastructure spending is expected to surpass non-cloud infrastructure spending in the near future.

StrikeReady launched StrikeReady Recon, a combination of internal and external intelligence that provides a cross-section of the most active and in-the-wild campaigns, intrusions, and attacks targeting organizations globally, assisting them in protecting their mission-critical infrastructure and systems. Because of this, StrikeReady has developed a threat model-based approach aka StrikeReady Recon for organizations to prioritize and focus on threats that affect their operations or goals.

SecPod announced that it has extended its vulnerability management capabilities to the whole network infrastructure through its latest product release, SanerNow 5.0. With this new release, SanerNow is an all-encompassing vulnerability and patch management solution and is more competitively positioned in the vulnerability assessment market.

The Luxembourg's Quantum Communications Infrastructure project, coordinated by the Department of Media, Telecommunications and Digital Policy of the Luxembourg Ministry of State, and supported by the European Space Agency and the Luxembourg Space Agency under the Luxembourg National LuxIMPULSE programme, will create a secure communications shield against cyber threats based on quantum technology. To design the LuxQCI, Luxembourg has put in place a consortium comprising InCert, itrust consulting, LuxConnect, LuxTrust and the University of Luxembourg, that is led by SES's fully-owned affiliate SES Techcom.

According to a recent poll by SentryBay, the infrastructure of over 21% of surveyed companies has failed key PCI compliance assessments, designed to assist them to maintain high security standards when processing customer card payments. A further 29.3% said that they had no confidence in their own company's compliance when it came to PCI DSS. Lack of confidence in the PCI standards.

Armis released new data uncovering the lack of knowledge and general awareness of major cyberattacks on critical infrastructure and an understanding of security hygiene. The survey of over 2,000 respondents from across the United States found that end users are not paying attention to the major attacks plaguing operational technology and critical infrastructure across the country, signaling the importance of businesses prioritizing a focus on security as employees return to the office.