CrowdStrike has discovered the first-ever Dero cryptojacking operation targeting Kubernetes infrastructure. Dero is a relatively new and privacy-focused cryptocurrency that uses directed acyclic graph (DAG) technology to claim complete anonymity of its transactions. The combination of anonymity and the higher rewards ratio makes it potentially lucrative to cryptojacking groups compared to Monero, which is commonly used cryptocurrency by attackers or groups running miner operations.

What if a malicious threat actor would want to get into the U.S. Department of Defense’s (DoD) network. Could they do it? You may think this only happens in the movies, right? In this case, reality surpassed fiction. On Dec.20, 2018, the APT10 Group did exactly that. Members of APT10 stole personal, confidential information, including social security numbers and dates of birth, from over 100,000 Navy personnel.

Many engineers like to stick to the IDE or the command line as they use those for their daily tasks instead of jumping into yet another SaaS web application. To improve the Styra DAS experience for them, we developed Styra Link, a tool that allows users to perform most of the tasks of the Styra DAS UI and manage OPA from the CLI or from VS Code. Styra DAS offers a fully integrated policy authoring and lifecycle management experience in a web-based UI.

Vulnerabilities are only one part of the cloud security story. Misconfigurations are still the biggest player in security incidents and, therefore, should be one of the greatest causes for concern in organizations.

Kubernetes is an open source orchestration platform for containerized workflows. It is the best way to manage – or orchestrate – large clusters of containers at scale. Sometimes abbreviated as K8s, Kubernetes helps you efficiently manage clusters of hosts running Linux containers. In the age of containers, Kubernetes has become a popular open source project and key building block for modern tech infrastructure.