
ARMO vs. Wiz: Bridging the Gap in Cloud Runtime Security

The recent news about Google’s multi-billion-dollar acquisition of Wiz has sparked widespread conversation across the cybersecurity world. The price tag reflects Wiz’s strong reputation as a leader in Cloud Security Posture Management (CSPM) solutions. Its strength lies in identifying potential risks before they impact your live environment.

io_uring Is Back, This Time as a Rootkit

ARMO researchers reveal a major blind spot in Linux runtime security tools caused by the io_uring interface, an asynchronous I/O mechanism that bypasses traditional system calls. Most tools, including Falco, Tetragon, and Microsoft Defender, fail to detect rootkits using io_uring because they rely on syscall monitoring. ARMO’s proof-of-concept rootkit, Curing, operates fully via io_uring to demonstrate the threat.

ARMO CADR Uncovers Multiple Crypto Miner Attack Operations

The best way to understand real-world attacks is to observe them in the wild. Following this principle, our research team set up a decoy Kubernetes workload designed to attract malicious actors – a honeypot in a Kubernetes cluster we named the “Honey-pod.” Inside this pod, we deployed Apache Druid, a popular open-source analytics database known for its scalability and, unfortunately, for a history of exploitable vulnerabilities.

Top 8 Security Enhancements and Other Cool Features in Kubernetes 1.33

Kubernetes 1.33 marks another exciting milestone in the evolution of this widely adopted container orchestration platform. A big shoutout to the release team for their hard work and contributions! In this update, Kubernetes continues to enhance its capabilities to meet the ever-evolving demands of modern cloud-native environments. Let’s take a closer look at the key security improvements and other features that caught our attention.

Software Supply Chain Security: A Detailed Explanation

Software supply chain attacks cost businesses $45.8 billion globally in 2023 alone, and the cost is projected to exceed $80.6 billion by 2026. According to Gartner’s projection, 45% of organizations will experience software supply chain attacks this year. These figures emphasize the importance of software supply chain security and the need for every organization to prioritize it.