Security News
RubyGems.org, the Ruby programming community's software package registry, now requires maintainers of popular "Gems" to secure their accounts using multi-factor authentication. The added security precaution is intended as an additional barrier to account takeovers, the second-most common software supply-chain attack, according to a 2021 research paper, "Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages."
A report released Tuesday by the Cyber Readiness Institute looks at the slow state of MFA adoption among SMBs. CRI surveyed 1,403 small business owners across the U.S., the U.K., New Zealand, Japan, India, Germany, Canada and Australia from May 2 to May 15. Among the respondents, 55% admitted that they're not very aware of MFA and its security benefits, while 54% said they haven't adopted MFA for their business.
How do organizations make sure that cyber security and backup/recovery processes keep up with the evolution to multi-cloud? In addition, how do they ensure that the data which is being stored, accessed, and transferred between multiple clouds and on-premises data center locations meets increasingly stringent data protection and regulatory requirements? 63% believed the emergence of cloud native applications, Kubernetes containers and SaaS workloads posed a risk to data protection, primarily because they lacked adequate tools to manage data protection in so many different environments.
The current web hosting model usually depends on one pathway for data and energy to flow. Multi-data center clustering ensures high availability to websites and applications by hosting your data at two or more separate physical locations.
Canonical released data from a survey revealing the goals, benefits, and challenges of cloud-native technologies. The report has surveyed more than 1,300 IT professionals over the last year about their usage of Kubernetes, bare metal, VMs, containers, and serverless applications.
Microsoft sets multi-factor authentication as default for all Azure AD customers. In a new blog post, the company revealed that it's adding multi-factor authentication as the default security setting for existing Azure customers who haven't changed that setting on their own.
Regardless of how centralized or distributed, the weak link appears when private keys or other MPC components must be computationally executed on a CPU. The point of the encryption protocols is that the algorithm is public, and the security relies only on the keys. If an attacker infiltrates multiple hosts, and gains access to the required pieces, they can perform the multi-party computation on their own and steal digital assets and funds.
Comcast Business published results from a report which provides an overview of the distributed denial of service (DDoS) attack landscape, trends experienced by its customers and insights for measuring and mitigating risks. The report indicates that 2021 was another record year for DDoS attacks, as Comcast Business DDoS Mitigation Services identified and helped defend 24,845 multi-vector attacks targeting Layers 3,4, and 7 simultaneously.
The report indicates that 2021 was another record year for DDoS attacks, as Comcast Business DDoS Mitigation Services identified and helped defend 24,845 multi-vector attacks targeting Layers 3,4, and 7 simultaneously. Overall, 69 percent of customers experienced DDoS attacks, a 41 percent increase over 2020, while 55 percent were targets of mulit-vector attacks, as opposed to in 2020 where most customers experienced single vector attacks.
According to a recent Pew Research survey, 64 percent of Americans are choosing to remain in either a fully remote or hybrid working environment, forcing businesses to grapple with the increasing complexity that comes with migrating and scaling workloads in the cloud. Qa survey respondents rank visibility into cloud data-in-motion as the top security factor globally.