%term

Securing AWS API access with Netskope Inline Cloud Protection

Mar 8, 2022 By Netskope In Netskope

Watch this demo, presented by Yuri Duchovny, Netskope Principal Global Solutions Architect. Netskope Intelligent Security Service Edge (SSE) is fast, easy to use, and secures your transactions wherever your people and data go. Be ready for anything on your SASE journey with Netskope’s SSE solution. SSE is the convergence of security capabilities into a single cloud-centric platform.

View Video

Netskope

Read more about Securing AWS API access with Netskope Inline Cloud Protection

Dirty Pipe: Linux Kernel Vulnerability Could Lead to Root Privileges - CVE-2022-0847

Mar 8, 2022 By Sule Tatar In Arctic Wolf

In April 2021, CVE-2022-0847 was discovered by security researcher Max Kellermann; it took another few months for him to figure out what was happening. The flaw has already been patched in the Linux kernel and the Android kernel. Affected Linux distributions are in the process of pushing out security updates with the patch. Due to the similarities of the Dirty Cow flaw, CVE-2016-5195; has been named Dirty Pipe.

Read Post

Arctic Wolf

Read more about Dirty Pipe: Linux Kernel Vulnerability Could Lead to Root Privileges - CVE-2022-0847

Cloud Threats Memo: Tightening Up Leaky GitHub Repositories

Mar 8, 2022 By Paolo Passeri In Netskope

Another day, another cloud service leaking personal data because of a misconfiguration. And before you jump to any conclusions, no, it’s not a leaky bucket on AWS S3 or a public blob on Microsoft Azure… The culprit is, once again, GitHub, where an open-source hardware manufacturer has inadvertently left exposed a private-to-public repository that “could have enabled unauthorized access to information about certain user accounts on or before 2019.”

Read Post

Netskope

Read more about Cloud Threats Memo: Tightening Up Leaky GitHub Repositories

The 7 Signs of SOC Misalignment

Mar 8, 2022 By Devo In Devo

When it comes to maintaining your car’s performance, getting regular wheel alignments can prevent uneven braking, reduced fuel efficiency, and accelerated tire wear. For all four tires to work together, traveling in the same direction, proper alignment is vital. So, too, it is for the modern SOC. Or at least it should be.

Read Post

Devo

Read more about The 7 Signs of SOC Misalignment

CVE-2022-0492: Privilege escalation vulnerability causing container escape

Mar 8, 2022 By Stefano Chierici In Sysdig

Linux maintainers disclosed a privilege escalation vulnerability in the Linux Kernel. The vulnerability has been issued a Common Vulnerability and Exposures ID of CVE-2022-0492 and is rated as a High (7.0) severity. The flaw occurs in cgroups permitting an attacker to escape container environments, and elevate privileges. The vulnerable code was found in the Linux Kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function.

Read Post

Sysdig

Read more about CVE-2022-0492: Privilege escalation vulnerability causing container escape

Random but Memorable - Episode 9.0: Puzzle Solving Developer Community with Stack Overflow

Mar 8, 2022 By 1Password In 1Password

This week, we’re joined by Jeremiah Peschka from Stack Overflow to learn why building communities for developers is so important, and how code is reshaping our world in 2022. In Watchtower Weekly this episode, we also discuss how hacking communities have responded to the conflict in Ukraine and how graphics-chip giant, Nvidia, may have got revenge on its hackers. Plus, if Wordle wasn’t addictive enough, we also take a look at the lesser-known version: PassWORDLE!

View Video

1Password

Read more about Random but Memorable - Episode 9.0: Puzzle Solving Developer Community with Stack Overflow

Working with MSSPs to optimize XDR

Mar 8, 2022 By Michael Vaughn In AT&T Cybersecurity

Businesses today have many tools in their security stack and security teams find themselves spending too much time managing the tools and not enough time tackling business-critical projects. Security tool overload creates internal challenges and distracts from the primary business mission. How can companies better protect themselves while staying on track to achieve goals?

Read Post

AT&T Cybersecurity

Read more about Working with MSSPs to optimize XDR

Mitigating Risks in Software Supply Chain

Mar 8, 2022 By Snyk In Snyk

By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, require organizations to take action to ensure the security and integrity of their software. But this is easier said than done.

View Video

Snyk

Read more about Mitigating Risks in Software Supply Chain

How the Ukraine-Russia Conflict Could Impact Cybersecurity

Mar 8, 2022 By Secude In SECUDE

The Ukraine-Russia conflict has captured the world’s attention, but the physical warfare only tells part of the story. In the weeks leading up to the invasion, seemingly state-sponsored cyberattacks against Ukraine have risen, and now experts fear this may spill over to other nations, too. While much about the conflict remains uncertain, it will undoubtedly have a profound impact on cybersecurity across the globe.

Read Post

SECUDE

Read more about How the Ukraine-Russia Conflict Could Impact Cybersecurity

Simplifying container security with Snyk's security expertise

Mar 8, 2022 By Hadas Bloom In Snyk

The most beautiful and inspiring aspect about open source code is, well, that it’s open source. We can look at open source packages like gifts that are exchanged between developers across the engineering world, allowing them to learn from the work other people do, contribute their own expertise, and grow their professional capabilities. Contributing to open source is much appreciated, and it is important to remember not only to benefit from these projects, but also to contribute back.

Read Post