Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Ukraine-Russia conflict has captured the world’s attention, but the physical warfare only tells part of the story. In the weeks leading up to the invasion, seemingly state-sponsored cyberattacks against Ukraine have risen, and now experts fear this may spill over to other nations, too. While much about the conflict remains uncertain, it will undoubtedly have a profound impact on cybersecurity across the globe.

The most beautiful and inspiring aspect about open source code is, well, that it’s open source. We can look at open source packages like gifts that are exchanged between developers across the engineering world, allowing them to learn from the work other people do, contribute their own expertise, and grow their professional capabilities. Contributing to open source is much appreciated, and it is important to remember not only to benefit from these projects, but also to contribute back.

Kubernetes is a valuable resource and a leading container management system in development pipelines across the world, but it’s not exempt from malicious attacks. Using Kubernetes requires a deep understanding of Kubernetes’ environment—including the different vulnerabilities you can be exposed to while creating, deploying, or running applications in your clusters.

TL/DR: Gender inequality and the lack of women is ubiquitous in tech companies – more so in cybersecurity. While it has been a debate that’s been on for years, more action needs to take place to empower female professionals and founders in the sector. In honor of International Women’s Day, a handful of women at Detectify shared more about what inspires them and how they encourage other women to take up space despite the challenges and thrive in the security industry every day.

One chief information security officer (CISO) recently asked me how he should describe SASE (secure access service edge) and zero-trust networking to his company’s directors. My answer was easy: You shouldn’t. As companies revamp their technology infrastructure to leverage cloud efficiencies and enable a remote workforce, cybersecurity is now mission-critical for senior executives and boards of directors.

On March 4th, a new privilege escalation vulnerability (CVE-2022-0492) in the Linux kernel was published. It has the potential to allow container escape and take control over the entire node on which the container runs. All the CSPs and Linux distribution providers have issued patches to close this vulnerability. Unfortunately, there is no unified kernel version numbering across these platforms and some of them allow to apply a patch without changing the kernel version number.

With the release of Elastic Security 8.1, enhance defenses against novel attacks like Log4Shell and prevent adversaries from compromising macOS systems. Achieve visibility into host-based network activity, leverage new sources of threat intelligence, collect data from across your enterprise, and more. Let’s jump in.