On January 16, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) sent out a Cybersecurity Advisory (CSA) about active threat actors deploying the AndroxGh0st malware. This is significant as cyber criminals are actively using this malware to target Laravel (CVE-2018-15133) (an open source PHP framework).env files and obtain credentials for various high profile applications like Office365, SendGrid, and Twilio.

This blog post explores what endpoint devices are and why businesses of all sizes should be prioritizing endpoint security.

The Snyk Security Labs team recently embarked on a research project into the Docker engine. During this project, I had the opportunity to perform what is arguably my favorite kind of research using my favorite selection of tools. The research panned out quite successfully, and we identified four high severity vulnerabilities that allow a malicious attacker to break out of a container environment with a controlled Dockerfile under docker build and, in one case, docker run.

On February 2nd, 2024, AnyDesk disclosed that their production systems had been compromised and that private code signing keys and source code were stolen, while an unknown number of user accounts had their passwords reset. This is a significant concern, as it would allow a malicious attacker to generate malicious versions of AnyDesk software with compromised code that appears to be legitimate. It is assessed that approximately 18,000 credentials are available for sale on the Dark Web as a result.

The General Data Protection Regulation (GDPR) is a European Union law that governs how companies may collect and use the personal data of EU residents. It establishes standards that help ensure that this data is not stored, handled or shared in a way that would expose individuals to risk. The law also specifies how organizations must respond in case of a data breach.

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape.

In 2023, Remote Access Trojans (RATs) and Trojan Stealers were some of the most prevalent types of malware in the cybersecurity landscape. RATs and Trojan Stealer malware represent significant cybersecurity threats, as they’re often employed to conduct espionage, surveillance, and data theft, which emphasizes the critical need for robust defenses.

Nowadays, most of the applications are deployed on containers and orchestrated using Kubernetes or similar technology. Due to this, the performance, stability, and scalability are highly increased. But, it also widens up the attack surface if proper security controls, techniques, tools, and practices are not followed/used. So, if your application is running on containers or if you are thinking about deploying containers, then learning about container security best practices is a must.