Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Kubernetes and its enterprise-level cousin, Red Hat OpenShift, have secured their spot as the platforms of choice when it comes to managing containerized applications at a large scale. However, these complex environments require maintaining top-level security. According to a recent survey, 80% of companies faced at least one cloud security incident in the past year. As OpenShift clusters grow more complex, the potential for vulnerabilities also increases, increasing the risk of exploitation.

The days where applications were monoliths built of proprietary code, and releases were set quarterly are no more. Instead, they have been replaced by fast paced development sprints, with software created using plenty of code from open-source repositories. The growing complexities of software development and the associated risks have far exceeded the abilities of traditional application security.

In cybersecurity, current approaches don’t stay current for long. Organizations that fail to adapt accordingly often discover this fact at the cost of their secure network. This is particularly true in the face of complex and increasingly unpatchable attack surfaces and a corresponding reduction in the impact of automated remediation practices. Traditional security approaches are unable to fully address these challenges.

Kroll observed the use of SPARKRAT in conjunction with a previously undocumented loader written in Golang. The loader assists in the initial infection and deployment of the malicious payload, enabling SPARKRAT to execute on a system. This process allows the payload to reach the target system undetected and unquarantined. The loader achieves its goal by decoding and decrypting a secondary payload binary, then injecting it into a notepad.exe instance.

Complying with International Organization for Standardization/International Electrotechnical Commission 27001 (ISO/IEC 27001) is crucial for ensuring robust cybersecurity practices within your organization and safeguarding your crucial assets.

In the ever-evolving landscape of cybersecurity, staying updated with the latest standards and protocols is crucial. One such standard that has undergone significant changes is the Payment Card Industry Data Security Standard (PCI DSS) Requirement 11. This requirement, focused on the regular testing of security systems and networks, has seen notable updates in its transition from version 3.2.1 to version 4.0.

We’re back again with a monthly-ish blog reflecting on major goings on in the security world. I am writing the first draft on the rarest of holidays, leap day1! February gets extended by a day every four years, and if we had to guess Ivanti wishes this month would end.

The reality of cybersecurity is simple – breaches will occur – and reactivity will always be the losing strategy. Having a cyber resilience framework shifts the focus from preventing attacks to ensuring readiness, mitigating impact, and driving a swift return to operations. With the average data breach costing millions – like it or not – cyber resilience is no longer optional. But how do we translate ‘cyber resilience’ into actionable steps? It starts with a framework.

New Linux malware campaign targets misconfigured servers, ransomware actors diversify their exfiltration tools, and Cado reveals its top cloud threat findings report for 2H23.

Salt Labs researchers identified generative AI ecosystems as a new interesting attack vector. vulnerabilities found during this research on ChatGPT ecosystem could have granted access to accounts of users, including GitHub repositories, including 0-click attacks.