Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API2:2019 Broken User Authentication happens when an attacker bypasses an API’s authentication and authorization mechanisms and gains access to sensitive data or functionality that should only be available to authorized users.

Learn about Kubernetes compliance challenges, consequences of non-compliance, and get guidance on maintaining a secure and compliant cloud environment in a dynamic Kubernetes setup. Kubernetes is a leading open-source platform for automating containerized applications’ deployment, scaling, and management. With the growing adoption of cloud, hybrid, and multicloud environments, the topic of Kubernetes compliance has become increasingly pertinent.

As the frequency and complexity of cybersecurity threats continue to grow, it is becoming increasingly important for organizations to adopt advanced tools and techniques to protect themselves. One way to do this is by utilizing the MITRE attack framework (ATT&CK), a comprehensive taxonomy of common tactics, techniques, and procedures (TTPs) cyber attackers use to compromise information systems and steal data.

CrowdStrike has discovered the first-ever Dero cryptojacking operation targeting Kubernetes infrastructure. Dero is a relatively new and privacy-focused cryptocurrency that uses directed acyclic graph (DAG) technology to claim complete anonymity of its transactions. The combination of anonymity and the higher rewards ratio makes it potentially lucrative to cryptojacking groups compared to Monero, which is commonly used cryptocurrency by attackers or groups running miner operations.

The first step in Anti-Money Laundering (AML) due diligence is to Know Your Customer (KYC). A financial institution (FI) promptly implements KYC processes to identify and confirm a new customer’s identification. These procedures enable FIs to evaluate the risk profile of a customer based on that person’s propensity for financial crime. KYC is a procedure that cryptocurrency exchanges are required to follow.

A Rootkit is a malicious program composed of malware that is created to provide prolonged root-level or privileged-level access to a computer. It remains hidden in the computer system while maintaining control of the system remotely. Rootkits have the ability to steal data, eavesdrop, change system configurations, create permanent backdoors, deactivate other security defensive programs, and conceal other types of malware.

The world of security advisories is disjointed, with disparate systems holding critical documentation in various formats. To make matters more challenging, despite living in a digital-first era, most of these documents are not legible for machines and must be parsed, reviewed, or referenced by humans.

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.

What if a malicious threat actor would want to get into the U.S. Department of Defense’s (DoD) network. Could they do it? You may think this only happens in the movies, right? In this case, reality surpassed fiction. On Dec.20, 2018, the APT10 Group did exactly that. Members of APT10 stole personal, confidential information, including social security numbers and dates of birth, from over 100,000 Navy personnel.

Today, Netskope partnered with the Cloud Security Alliance to release the Data Loss Prevention (DLP) and Data Security Survey Report, a survey focused on data protection needs in cloud and hybrid work environments. Unsurprisingly, the report found that the biggest pain point organizations identify with trying to modernize their data protection strategy is that current DLP deployments show limitations when it comes to cloud and remote work use cases, and they are a nightmare to manage.