Archive for January 19, 2021

Parler Takes The Next Step In Making A Comeback

Posted in Commentary with tags on January 19, 2021 by itnerd

Right-wing social media platform Parler, which has been offline since Amazon Web Services Thanos snapped it off the Internet last week, has reappeared on the Web with a promise to return as a fully functional service “soon“:

Although the platform’s Android and iOS apps are still defunct, this weekend its URL once again began to resolve to an actual website, instead of an error notice. The site at the moment consists solely of the homepage, which has a message from company CEO John Matze. “Now seems like the right time to remind you all — both lovers and haters — why we started this platform,” the message reads. “We believe privacy is paramount and free speech essential, especially on social media. Our aim has always been to provide a nonpartisan public square where individuals can enjoy and exercise their rights to both. We will resolve any challenge before us and plan to welcome all of you back soon. We will not let civil discourse perish!” 

And:

Parler, however, was deplatformed in the first place explicitly because the content it allowed to flourish was anything but “civil,” and as multiple reports have made clear, the service backend was designed with basically no thought given to privacy. Meanwhile, the path Parler appears to be taking to rejoin the Internet is a shady one paved for it by other explicitly extremist, white nationalist platforms that lost access to more mainstream services after being tied to terrorism.

And there’s the fact that getting a service online that allegedly millions of people used minus the resources of a company like Amazon Web Services is going to be a sketchy proposition at best. Personally, I can’t see it happening. And if it does happen, it will likely be a very unstable platform to be on. But I guess we will see what happens.

Trend Micro Announces Advanced Cloud-Native Container Security Solutions To Cloud One Platform

Posted in Commentary with tags on January 19, 2021 by itnerd

Trend Micro Incorporated today announced its advanced container security solution Cloud One – Container Security. Designed to ease the security of container builds, deployments and runtime workflows, the new service helps developers accelerate innovation and minimize application downtime across their Kubernetes environments, from a single tool.

This new service is an important addition to Trend Micro’s Cloud One services platform that was introduced last year. As IDC stated, “Trend Micro launched Cloud One, its integrated cloud security services (SaaS) platform that addresses customers’ security challenges around datacenter servers and virtual machines, IaaS workloads, containers and containers services, cloud security posture management, cloud file and object storage services, and serverless.” 

Global organizations are increasingly leveraging containers to accelerate cloud migration, rearchitect monolithic applications and build and integrate seamless cloud native applications. This can create security gaps that traditional network and endpoint tools are not capable of addressing.

Trend Micro Cloud One Container Security offers three main elements:

Container image scanning

This scans at build time for the earliest possible detection and lowest cost remediation. In addition, through partnership with Snyk there is a scan against the market leading open source vulnerability database. This provides early detection and mitigation of vulnerabilities in third-party code dependencies. Cloud One – Container Security will:

  • Look for vulnerabilities in the packages included in the container
  • Detect malware using signatures and advanced machine learning techniques
  • Find embedded secrets such as passwords, API tokens, or license keys
  • Sweep for IoCs using industry-standard Yara rules

Policy-based deployment control

Container security enables you to create policies that allow or block deployments based on set rules. Native integration with Kubernetes ensures that all deployments run in a production environment are safe.

Cloud-native runtime security

Once an image has been deemed safe and is deployed into production, Cloud One Container Security will protect the container in the runtime environment. This offers ongoing vulnerability detection for the containerized application and provides relevant feedback to security and DevOps teams in case further action is needed.

Keyfactor Announces Strategic DevSecOps Partnership With Infinite Ranges

Posted in Commentary with tags on January 19, 2021 by itnerd

Keyfactor, the leader in PKI as-a-Service and crypto-agility solutions, today announced a strategic partnership with digital transformation solutions provider Infinite Ranges. The collaboration enables enterprise teams to overcome the DevSecOps gap through the implementation of best practices and automated solutions.

recent survey of more than 600 IT and security professionals identified likely occurrences of code signing and key misuse in enterprise environments over the next two years; 73% of respondents experienced unplanned downtime and outages due to mismanaged digital certificates. Many enterprises employ Public Key Infrastructure (PKI) and digital certificates in DevOps workflows to secure code through its lifetime. However, traditional PKI relies on manual processes, making it ill-equipped for agile process requirements.

Infinite Ranges’ specialization as an implementation partner for both Keyfactor and Hashicorp Vault provides a unique offering within the market.

Keyfactor provides cloud-hosted PKI-as-a-Service infrastructure through integrated certificate and key management, secure signing and secure IoT device design. The platform provides discovery, integration and orchestration capabilities, enabling teams to gain complete crypto-agility, extensibility and visibility.

01 Communique Announces Bounty Contest 2021

Posted in Commentary with tags on January 19, 2021 by itnerd

01 Communique Laboratory Inc. one of the first-to-market, enterprise level cybersecurity providers for the quantum computing era, has announced a Bounty Contest. You are invited to join the Bounty Contest 2021 (February 22 – March 22) for the chance to win a grand prize of CAD100,000 in cash. This Bounty Contest is exclusively sponsored by PwC China.

As the race for quantum supremacy intensifies, so is the concern over cyber security. Quantum computers could very well crack traditional encryption earlier than we expect. Canadian Company 01 Communique claims that its cryptography technology, IronCAP™ can be deployed on existing computers in order to protect them against the quantum threat. It is prepared to put IronCAP™ to the test in the Bounty Contest.

The Company expects participants from around the world to test its quantum-safe encryption. Beginning on Monday, February 22 at 12am EST, participants will be given 30 days to explore IronCAP™ encryption. A cash prize of CAD100,000 will be awarded to the first person that is able to break the encryption. The result will be announced on Monday, March 22 where the outcome of the Bounty Contest will be revealed!

You can register for the event beginning February 8th online at https://ironcap.ca/ironcap-bountycontest