Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

CUPS: Unraveling a Critical Vulnerability Chain in Unix Printing Systems

A series of critical vulnerabilities has been uncovered in the Common Unix Printing System (CUPS), specifically in the cups-browsed component and related libraries. This vulnerability chain allows remote, unauthenticated attackers to potentially execute arbitrary code with root privileges on affected systems. The discovery highlights significant security risks in a widely-used open-source component and raises crucial questions about legacy system support and security in modern IT environments.

Complete your Kubernetes security with runtime protection

Kubernetes today is the de facto standard for container orchestration, deployment automation, scaling, and management of containerized apps. The robustness and scalability of this open-source platform make it a valuable tool for businesses leveraging cloud-native technologies and DevOps practices. However, as with any technology that handles sensitive data and crucial operations, the importance of security in Kubernetes environments can’t be overstated.

Top open-source CSPM projects to secure your cloud infrastructure

As more organizations move their critical infrastructure to the cloud, ensuring security has become a top priority. This is where Cloud Security Posture Management (CSPM) comes in. CSPM solutions validate the configuration of cloud services from a security perspective, ensuring alignment with best practices and compliance frameworks such as CIS Benchmarks, PCI-DSS, NIST, and others.

CEL and Kubescape: transforming Kubernetes admission control

Admission control is a crucial part of the Kubernetes security, enabling the approval or modification of API objects as they are submitted to the server. It allows administrators to enforce business logic or policies on what objects can be admitted into a cluster. Kubernetes RBAC is a scalable authorization mechanism, but lacks the fine grained control over different Kubernetes objects. This creates the need for another layer of control which is Admission Policies.

Cryptominers in the Cloud

Over the past decade, Bitcoin’s value has increased more than 200-fold. Similarly, other cryptocurrencies have also seen significant growth, prompting many individuals to engage in mining for profit. This rise in cryptocurrency mining has led to a substantial increase in the use of cryptominers. As organizations increasingly migrate their computing workloads to the cloud for various benefits, attackers have shifted their focus to these cloud resources for cryptocurrency mining.

NEW: ARMO Platform Introduces Auto-Generation of Seccomp Profiles

We are thrilled to announce the latest enhancement to ARMO Platform: Seccomp Profiles Leveraging eBPF. This feature uses eBPF to take the guesswork out of creating seccomp profiles. Thus, benefiting from the added security seccomp profiles provide, without the risk of “breaking” applications.

ARMO's new security-boosting summer cocktail: Layered Vulnerability Scanning, SBOM View, and new Auto-Generated Network Policies

This summer ARMO is proud to announce a batch of new features designed to enhance your cloud security posture. We developed groundbreaking capabilities for in-depth vulnerability scanning, simplified vulnerability management with SBOM view, and streamlined network policy generation for two popular CNIs, Calico and Cilium.. We invite you to explore these new features and discover how they can add to your organization’s security. Let’s go.

CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass - A Deep Dive

Attention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen (@dev-bio on GitHub) and it demands immediate attention from security professionals and DevOps teams. CVE-2024-7646, affecting the popular ingress-nginx controller, allows malicious actors to bypass annotation validation and potentially gain unauthorized access to sensitive cluster resources. This vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High).

Runtime anomaly detection in Kubernetes: enhancing security through context-aware profiling

Runtime anomaly detection is fast becoming a critical component for protecting containerized environments. Recent advancements in this field are addressing long-standing challenges and introducing innovative approaches to enhance security posture.