Ransomware and other malicious threats have become commonplace around the globe. But the reality is, whether it be encrypted records, stolen email credentials, or exfiltrated financial statements, these incidents generally involve a limited number of individuals or groups. Before your feathers are completely ruffled, understand that by no means am I minimizing the impact cybercriminals can have on a business. But have you considered attacks of greater scale? Perhaps those that affect the populus?

With the massive increase in mobile device sales worldwide, it is easy to imagine that the number of people using the internet while travelling has also increased significantly in recent years. With this growth in online activity comes a greater risk of becoming a victim of cybercrime. There are a number of steps that travellers can take to protect themselves from becoming targets of cybercrime. Here are 10 tips for staying cyber safe while travelling.

On 28th of August fortbridge.co.uk reported a vulnerability in csurf middleware – expressjs supporting library that enables CSRF protection in expressjs. As of 13th of September csurf library has been deprecated with no plans to fix the vulnerabilities. There is no viable alternative for csurf middleware now.

The technology industry has unlocked innovation across all sectors as an enabler of digital transformation. Most organizations are now outsourcing critical operations to tech companies, such as cloud providers. Tech vendors are now left to manage an ever-growing volume of sensitive data, which they must secure effectively to prevent large-scale data breaches. IBM and Ponemon Institute’s 2022 Cost of a Data Breach Report found a record high average breach cost of US$4.35 million.

In today’s hybrid, multi-cloud environments, users and administrators connect to various cloud services using Command Line Interface (CLI) tools and web browsers. This post highlights the risks associated with unprotected and unmonitored cloud credentials which are found on endpoints, in file shares and in browser cookies. Get actionable and direct guidance around: In order to alert on and hunt for this malicious activity. Business workloads are increasingly undergoing a migration to the cloud.

Scanning a container image for vulnerabilities or bad practices in your Azure Pipelines using Sysdig Secure is a straightforward process. This article demonstrates a step by step example on how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner in Azure Pipelines. Although possible, it is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

TeamTNT is a prevalent threat actor who has been targeting cloud and virtual environments such as Kubernetes and Docker since at least late 2019. This threat actor is financially motivated, focusing their efforts on stealing credentials and cryptomining. In 2020, we analyzed their use of Weave Scope on an unsecured Docker API endpoint exposed to the internet. In December 2021, we attributed an attack to TeamTNT in which they targeted a vulnerable WordPress pod to steal AWS credentials.

A new vulnerability was reported on Sep 16th in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. As a result, the client may perform unexpected actions and share the API server credentials with third parties. The aggregated API server extension in Kubernetes API server enables users to extend API server with alternative objects and paths.