Threat Actor of the Month - Shathak
Meet Shathak – a threat group tied to malware used in the Russian-speaking underground targeting enterprises across different sectors in the Americas, Europe and Asia
Since the digital transformation of banking, we have seen a giant shift towards digital onboarding in financial services. Technologies such as liveness detection and identity verification have become a prominent step in intelligent digital onboarding. ID verification software capable of onboarding customers quickly and remotely has driven this shift towards digital customer onboarding.
Ransomware and other malicious threats have become commonplace around the globe. But the reality is, whether it be encrypted records, stolen email credentials, or exfiltrated financial statements, these incidents generally involve a limited number of individuals or groups. Before your feathers are completely ruffled, understand that by no means am I minimizing the impact cybercriminals can have on a business. But have you considered attacks of greater scale? Perhaps those that affect the populace?
Scanning a container image for vulnerabilities or bad practices in your Azure Pipelines using Sysdig Secure is a straightforward process. This article demonstrates a step-by-step example of how to do it. The proof of concept showcases how to run the sysdig-cli-scanner inside an Azure Pipelines job. Although this is possible, it is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.
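The shape such a pipeline typically takes, as an added illustration that is not the article's own pipeline definition: a single Ubuntu job that builds the image, downloads the scanner binary and scans the image before it is pushed, failing the job if the scanner returns a non-zero exit code. The scanner download URL, the `--apiurl` flag and the `SECURE_API_TOKEN` environment variable are assumptions to be checked against the current Sysdig documentation; `SYSDIG_SECURE_URL` is a hypothetical pipeline variable and `SECURE_API_TOKEN` is assumed to be defined as a secret pipeline variable.

```yaml
# Added example of an Azure Pipelines job that scans an image with sysdig-cli-scanner.
# Not the article's own pipeline; the scanner URL and flags are assumptions to verify.
trigger:
  - main

pool:
  vmImage: ubuntu-latest

variables:
  imageName: myapp                      # hypothetical image name
  imageTag: $(Build.BuildId)
  SYSDIG_SECURE_URL: https://secure.sysdig.com   # assumed; region-specific in practice

steps:
  - script: docker build -t $(imageName):$(imageTag) .
    displayName: Build image

  - script: |
      set -euo pipefail
      # Assumed download location for the latest Linux/amd64 scanner binary.
      VERSION=$(curl -fsSL https://download.sysdig.com/scanning/sysdig-cli-scanner/latest_version.txt)
      curl -fsSLo sysdig-cli-scanner \
        "https://download.sysdig.com/scanning/bin/sysdig-cli-scanner/${VERSION}/linux/amd64/sysdig-cli-scanner"
      chmod +x sysdig-cli-scanner
    displayName: Download sysdig-cli-scanner

  - script: |
      set -euo pipefail
      # A non-zero exit (policy failure or scanner error) fails this step and the job,
      # so the push step below never runs for an image that failed policy.
      ./sysdig-cli-scanner --apiurl "$SYSDIG_SECURE_URL" "$(imageName):$(imageTag)"
    displayName: Scan image with Sysdig Secure
    env:
      # Map the secret variable into the step environment; secrets are not exposed
      # to scripts automatically in Azure Pipelines.
      SECURE_API_TOKEN: $(SECURE_API_TOKEN)

  - script: docker push $(imageName):$(imageTag)   # hypothetical push; registry login omitted
    displayName: Push image
    condition: succeeded()
```

Keeping the scan before the push is the security-relevant point: a failing scan should block the image from ever reaching the registry, rather than being a report generated after deployment.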
TeamTNT is a prevalent threat actor who has been targeting cloud and virtual environments such as Kubernetes and Docker since at least late 2019. This threat actor is financially motivated, focusing their efforts on stealing credentials and cryptomining. In 2020, we analyzed their use of Weave Scope on an unsecured Docker API endpoint exposed to the internet. In December 2021, we attributed an attack to TeamTNT in which they targeted a vulnerable WordPress pod to steal AWS credentials.
Don't bring your personal life into the office; don't bring your work stuff home — these were already difficult tasks prior to the 2020 pandemic. Now, with hybrid work settling in, they have become nearly impossible to achieve. Where we work is no longer tethered to a static location. From the Wi-Fi we connect to, to the devices we use for work, our personal and professional lives are now closely intertwined.
By design, Salesforce is an environment where customer PII and other sensitive information must be shared and stored. However, compliance regulations like PCI DSS, HIPAA, GDPR, CCPA, and others limit this storage and usage of customer data to only what’s justifiably required for an organization to carry out its duties. Even then, there are requirements for how this data should be stored – like whether it should be encrypted, for example.