The Power and Future of the Qualys Cloud Platform

Qualys Security Conference 2019 kicked off this morning at the Bellagio hotel in Las Vegas. The event actually began on Monday with training sessions over the first two days, but this morning hundreds of attendees filled a conference room to listen to keynote presentations about the state of cybersecurity and the vision for the future of the Qualys Cloud Platform. The morning started with an insightful presentation from Richard Clarke,…

November 21, 2019
Read More >>

Security Automation Firm ZecOps Raises $10 Million in Seed Funding

ZecOps, a San Francisco-based threat detection and security automation company, announced this week that it has secured a total of $10.2 million through a seed funding round. Founded in 2017, the company has been operating in stealth mode and does not publicly provide much detail on its flagship automated Digital Forensics and Incident Response (DFIR) & APT detection platform.  The company does claim that its solutions are agentless, can quickly…

November 21, 2019
Read More >>

Use IAM to share your AWS resources with groups of AWS accounts in AWS Organizations

You can now reference Organizational Units (OUs), which are groups of AWS accounts in AWS Organizations, in AWS Identity and Access Management (IAM) policies, making it easier to define access for your IAM principals (users and roles) to the AWS resources in your organization. AWS Organizations lets you organize your accounts into OUs to align them with your business or security purposes. Now, you can use a new condition key,…

November 21, 2019
Read More >>

New Legislation Would Block US Firms From Storing Personal Data in China, Russia

New legislation introduced this week aims to put a stop to the flow of Americans’ sensitive personal data to countries that threaten national security.  Introduced by U.S. Senator Josh Hawley (R-Mo.), the National Security and Personal Data Protection Act of 2019 (PDF) would require tech companies to only collect user data necessary for their operations and never transfer the data to countries of concern. By countries of concern, the bill…

November 20, 2019
Read More >>

PayMyTab Exposes Restaurant Customer Data: Report

Application Security , Governance , IT Risk Management Researchers Say Company Left Customer Data Unsecured in AWS S3 Bucket Akshaya Asokan (asokan_akshaya) • November 20, 2019     An unsecure database belonging to PayMyTab, a company that provides U.S. restaurants with mobile payment apps and devices, left payment card and other customer data exposed, according to a new report from two independent security researchers. The unsecured Amazon Web Services database…

November 20, 2019
Read More >>

Continuously monitor unused IAM roles with AWS Config

Developing in the cloud encourages you to iterate frequently as your applications and resources evolve. You should also apply this iterative approach to the AWS Identity and Access Management (IAM) roles you create. Periodically ensuring that all the resources you’ve created are still being used can reduce operational complexity by eliminating the need to track unnecessary resources. It also improves security: identifying unused IAM roles helps reduce the potential for…

November 20, 2019
Read More >>

Ransomware Analysis: ‘Shade’ Surges; Other Trends Emerge

Fraud Management & Cybercrime , Fraud Risk Management , Next-Generation Technologies & Secure Development Researchers Explain Resurgence in Ransomware, Persistence of Exploit Kits Mathew J. Schwartz (euroinfosec) • November 20, 2019     Desktop of a Windows host infected with Shade ransomware (Source: Palo Alto Networks) Attacks tied to Shade ransomware continue to surge as part of an overall resurgence in ransomware, security researchers warn. See Also: Webinar | The…

November 20, 2019
Read More >>

Creating Your First Nuxt App – A CRUD Book Store

Learn how to create a Nuxt application. CRUD – Create, Read, Update, Delete I assume that you already know the fundamentals of Vue JS and/or you are a bit familiar with the framework. Nuxt JS is a robust framework, built on Vue JS. It is essentially the same as Vue JS. Then why, Nuxt? For most people, the decision to use Nuxt JS is usually for its SSR capabilities. What…

November 20, 2019
Read More >>