Rubrik has been assisting our customers with recovery from cyber attacks since 2018. We immediately took notice of these attacks, and early on, began developing processes and procedures to respond more effectively to better assist our customers. Our spirit of continuous improvement and execution of lessons learned from the field has led to a number of improvements to both our products and processes.
Considering the vast attack surface and flat network architecture, Kubernetes workloads are particularly susceptible to network-based threats. While following best practices like workload access controls, workload-centric IDS/IPS, and WAF can help prevent and block attacks, anomaly detection has become crucial in today’s IT landscape to proactively anticipate security threats.
On the 7th of November, Sumo Logic announced a security incident. Their security team detected the use of a compromised set of credentials to access a Sumo Logic AWS account. This Sumo Logic breach has had a downstream impact on users. Let’s get into the facts of what we know.
Distributed denial-of-service (DDoS) attacks have been around for a long time. However, the sophistication and scale of these threats has grown in recent years. Cybercriminals are employing amplification techniques that exploit vulnerabilities in misconfigured services or network protocols to increase the traffic they can generate and maximize the impact of their attacks.
Since Hamas’s attack on Israel last month, SecurityScorecard’s SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has paid close attention to hacktivist activity provoked by the conflict, with particular focus on the international scope.