DevOps Archives - Cyber Security Minute

Bitwarden Announces Secrets Management With a Combination of Open Source, End-to-End Encryption, and Ease of Use

Issued by: Dark Reading

Bitwarden, the leading open source password manager trusted by millions, today launched the open beta of Bitwarden Secrets Manager, designed to centrally secure and manage highly sensitive authentication credentials within privileged developer and DevOps environments. Development teams work across applications and multi-cloud infrastructures, using different tools and platforms. This leads to distributed secrets – API…

Application Security

LastPass: hackers breached the computer of a DevOps engineer in a second attack

Issued by: Security Affairs

Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers exploited a flaw in a third-party media software package to target the firm. “Our investigation has revealed that the threat actor…

Cloud Security

PurpleUrchin Gang Embraces DevOps in Massive Cloud Malware Campaign

Issued by: Dark Reading

More information has become available on “PurpleUrchin,” a malicious campaign in which a threat group called Automated Libra is using DevOps and continuous integration/continuous deployment (CI/CD) practices to mine cryptocurrency on cloud platforms using free trial accounts. The campaign began in August 2019 and has mainly targeted platforms such as GitHub, Heroku, and ToggleBox. Security…

Application Security

C2A Security To Showcase Automotive Cybersecurity DevOps Platform at CES In Las Vegas, January 5-8

Issued by: Dark Reading

C2A Security, a leading provider of automated cybersecurity solutions for connected, autonomous, and electric vehicles will showcase its flagship product, EVSec, during the Consumer Electronics Show (CES 2023) taking place in Las Vegas, January 5-8, 2023. EVSec’s innovative automated cybersecurity DevOps platform helps C2A Security customers and partners including Thundersoft, NTT Data, Marelli, MIH, and…

Cloud Security

The secrets of successful cloud-first strategies

Issued by: CIO Security

Today’s cloud strategies revolve around two distinct poles: the “lift and shift” approach, in which applications and associated data are moved to the cloud without being redesigned; and the “cloud-first” approach, in which applications are developed or redesigned specifically for the cloud. By far the fastest approach is to lift and shift the whole environment,…

Software Security

12 database security landmines, failures, and mistakes that doom your data

Issued by: CSO

In most enterprise stacks today, the database is where all our secrets wait. It’s part safe house, ready room, and staging ground for the bits that may be intensely personal or extremely valuable. Defending it against all incursions is one of the most important jobs for the database administrators, programmers, and DevOps teams that rely…

Cloud Security

How to make sure the switch to multicloud pays off

Issued by: Help Net Security

By now, the benefits of adopting a multicloud approach are well and truly out of the bag. By working with two or more cloud providers, companies can pick and choose offerings from each to leverage the “best of all worlds”, all the while allowing for better contingency planning, avoiding vendor lock-in, and boosting their disaster…

Cloud Security

Cloud-native benefits stifled by critical security and networking issues

Issued by: Help Net Security

While most organizations today are using cloud-native apps, Kubernetes and microservices, they struggle to secure and connect the complex environments resulting from them, a Volterra survey reveals. Securing cloud-native apps Respondents indicated that cloud-native apps and Kubernetes deployments are particularly difficult to secure and connect because of the growing number of APIs and microservices they…

Application Security

The state of application security: What the statistics tell us

Issued by: CSO

The emergence of the DevOps culture over the past several years has fundamentally changed software development, allowing companies to push code faster and to automatically scale the infrastructure needed to support new features and innovations. The increased push toward DevSecOps, which bakes security into the development and operations pipelines, is now changing the state of…