Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Scanning a container image for vulnerabilities or bad practices in your Azure Pipelines using Sysdig Secure is a straightforward process. This article demonstrates a step by step example on how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner in Azure Pipelines. Although possible, it is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

TeamTNT is a prevalent threat actor who has been targeting cloud and virtual environments such as Kubernetes and Docker since at least late 2019. This threat actor is financially motivated, focusing their efforts on stealing credentials and cryptomining. In 2020, we analyzed their use of Weave Scope on an unsecured Docker API endpoint exposed to the internet. In December 2021, we attributed an attack to TeamTNT in which they targeted a vulnerable WordPress pod to steal AWS credentials.

A new vulnerability was reported on Sep 16th in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. As a result, the client may perform unexpected actions and share the API server credentials with third parties. The aggregated API server extension in Kubernetes API server enables users to extend API server with alternative objects and paths.

Don't bring your personal life into the office; don't bring your work stuff home — these were already difficult tasks prior to the 2020 pandemic. Now, with hybrid work settling in, they have become nearly impossible to achieve. Where we work is no longer tethered to a static location. From the Wi-Fi we connect to, to the devices we use for work, our personal and professional lives are now closely intertwined.

Imagine a burglar. They’ve spent large amounts of time researching their target — your house. They’ve perfected their infiltration techniques, found your weak points, learned your schedule, and know the best time to strike. They’ve shown up when you least expect it and jimmied open the lock on the back door. And now, rather than head inside and steal your valuables, they hold the door open for someone else.

By design, Salesforce is an environment where customer PII and other sensitive information must be shared and stored. However, compliance regulations like PCI DSS, HIPAA, GDPR, CCPA, and others limit this storage and usage of customer data to only what’s justifiably required for an organization to carry out its duties. Even then, there are requirements for how this data should be stored – like whether it should be encrypted, for example.

Password reuse is a common practice amongst teams that can lead to a cybercriminal getting a hold of your online credentials. Despite knowing that it can leave your accounts compromised, a majority of people are still guilty of reusing their passwords. Results from an online security survey by Google and Harrison Poll found that: As cybercriminals use more sophisticated attacks, organizations must emphasize the importance of good cyber hygiene practices to prevent data breaches.

We are pleased to announce the launch of NC Encrypt to provide independent encryption key management and Bring Your Own Key (BYOK) support for Microsoft 365 applications and SharePoint Server environments. The sheer number of communication and collaboration channels the M365 platform has introduced, increases the vulnerability of sensitive data and potential for accidental data loss or overexposure, making protection mechanisms such as encryption critical.

With the massive increase in mobile device sales worldwide, it is easy to imagine that the number of people using the internet while travelling has also increased significantly in recent years. With this growth in online activity comes a greater risk of becoming a victim of cybercrime. There are a number of steps that travellers can take to protect themselves from becoming targets of cybercrime. Here are 10 tips for staying cyber safe while travelling.