Did you know that you can effortlessly make a small passive income by simply letting an application run on your home computers and mobile phones? It lets others (who pay a fee to a proxy service provider) borrow your Internet Protocol (IP) address for things like watching a YouTube video that isn’t available in their region, conducting unrestricted web scraping and surfing, or browsing dubious websites without attributing the activity to their own IP.
The recent SCARLETEEL incident highlights the importance of detecting security threats early in the development cycle. With Terraform state files, attackers can easily access sensitive information and gain unauthorized access to your cloud infrastructure. In this case, the attackers exploited a containerized workload and used it to perform privilege escalation into an AWS account, stealing software and credentials.
Do you like detective series? Have you ever thought about them actually taking place in cybersecurity? What do you think of CSI on containers? Are you interested in how to apply Digital Forensics and Incident Response (DFIR) to containers and clusters? If all your answers are YES, you will love this article. The CloudNative SecurityCon occurred in early February 2023, where leading security experts gathered to present their latest research and projects.
The SANS Cloud-Native Application Protection Platforms (CNAPPs) Buyers Guide gives companies a deep dive into what to look for in a CNAPP solution. As organizations continue to shift towards integrated platform-based solutions for their cloud security needs, it becomes critical to evaluate whether a CNAPP solution meets all the requirements across use cases like posture management, permissions management, vulnerability management, and threat detection and response.
Rule tuning is one of the most important steps during the definition of the security posture. With the detection rules, it’s impossible to use a “one fits all” approach: every customer has a unique environment, with its peculiarities and business needs. So, when a new rule is released it’s crucial to understand the security use case behind the detection and reduce the false positives (FP) as much as possible. The Threat Research Team constantly checks if noise occurs.
Terraform is the de facto tool if you work with infrastructure as code (IaC). Regardless of the resource provider, it allows your organization to work with all of them simultaneously. One unquestionable aspect is Terraform security, since any configuration error can affect the entire infrastructure. In this article we want to explain the benefits of using Terraform, and provide guidance for using Terraform in a secure way by reference to some security best practices. Let’s get started!
The name Chaos is being used for a ransomware strain, a remote access trojan (RAT), and now a DDoS malware variant too. Talk about chaos! In this case, Sysdig’s Threat Research Team captured attacks using the Chaos variant of the Kaiji botnet malware. There is very little reported information on this malware since September 2022, perhaps because of the unfortunately chaotic naming, or simply because it is relatively new. Kaiji malware was of Chinese origin in 2020 and is written in Golang.
There’s an important shift happening in the cloud security industry: organizations are looking for an integrated platform that connects the dots between several key security use cases from source through production. Whether it is for tool consolidation, consistent end-to-end experience, or “one throat to choke,” customers are increasingly choosing a platform-based approach to address critical cloud security risks.