Security as Code: Why It’s Important and What You Need to Know

Software is becoming an increasingly pivotal part of modern business and society. In turn, consumers have come to expect instant gratification. This has driven businesses to concentrate on innovation and speed to market. Businesses that can???t keep up with the hyper-competitive market of speed-to-value are falling behind.

BrandPost: Creating a Zero Trust Foundation

To prevent security breaches and data loss, organizations have directed a lot of time, effort, and capital spend toward security initiatives. Even the most advanced “next generation” application layer firewalls filtering malicious traffic at the network perimeter have only revealed equal if not greater threats within. To help counter this internal threat, organizations have invested heavily in internal monitoring and other advanced security controls that inspect traffic at all layers of the OSI stack to identify malicious activity and stop it before it reaches the destination, or to issue an alert on the activity alone. 

COVID-19 State of Remote Work Survey: 34% of Workers Felt Pressure to Return to the Office

Much has been said about the shadow cast by the pandemic across security teams, as well as the widespread and seismic changes it has facilitated across every part of business function. The sudden shift into remote working has been a challenging endeavour for everyone, but especially among senior management. According to the recent COVID-19 State of Remote Work Survey 2.0, OneLogin recently discovered that they in fact represent the biggest security risk to a business. Nevertheless, much less has been said about the personal pressure which these changes in business and working culture have exerted on individuals.

400,000 customer details compromised in Resident Evil and Street Fighter gaming company ransomware attack

A ransomware attack launched against gaming company Capcom last November keeps getting worse, threatpost reported this week. The company now says that the personal data of up to 400,000 of its customers was compromised in the attack — 40,000 more than the company originally thought. Capcom is a Japan-based publisher of blockbuster games like Resident Evil, Street Fighter and Dark Stalkers.  The breach was first detected on Nov. 2.. On Nov. 19, Capcom said its personal as well as corporate data was compromised. This is the third update from Capcom on the incident.

This Week in Security: Ubiquiti, Nissan, Zyxel, and Dovecot

You may have been one of the many of us who received an email from Ubiquiti this week, recommending a password change. The email stated that there was an unauthorized access of Ubiquiti systems, and while there wasn’t evidence of user data being accessed, there was also not enough evidence to say emphatically that user data was not accessed. Ubiquiti has mentioned that the database that may have been accessed contains a user’s name, email address, hashed password, and optionally the mailing address and phone number.

Elon Musk giveaway scam spreads throughout Twitter

Malicious actors have hacked a number of Twitter accounts, including verified accounts, in an Elon Musk giveaway scam. Security researches MalwareHunterTeam have seen an increase in the number of verified Twitter accounts being hacked by a scam which claims that Elon Musk is giving away cryptocurrency. Accounts are compromised by replying to the giveaway tweet. The tweet contains links to a Medium article promoting the giveaway, with the article containing further links to the scams landing page.