Every year we survey visitors to our booth at Black Hat about trending topics. This year, we asked about ransomware and the ever-increasing complexity of our cybersecurity environment. The results are very interesting - things may be getting much better, or we may all be collectively in denial. Let's break it down.

The backend developer team at Detectify has been working with Go for some years now, and it’s the language chosen by us to power our microservices. We think Go is a fantastic language and it has proven to perform very well for our operations. It comes with a great tool-set, such as the tool we’ll touch on later on called pprof. However, even though Go performs very well, we noticed one of our microservices had a behavior very similar to that of a memory leak.

A man-in-the-middle attack (MITM attack) is a cyber attack where an attacker relays and possibly alters communication between two parties who believe they are communicating directly. This allows the attacker to relay communication, listen in, and even modify what each party is saying. Man-in-the-middle attacks enable eavesdropping between people, clients and servers. This can include HTTPS connections to websites, other SSL/TLS connections, Wi-Fi networks connections and more.

TechCrunch reports that a security researcher stumbled across an exposed server on the internet containing databases with a total of more than 419 million records related to Facebook users. According to TechCrunch’s reporting, each database record contains a user’s unique Facebook account ID (from which it’s possible to determine a user name) and phone numbers attached to the account.

Working as a cybersecurity analyst is incredibly challenging. It’s one of the only roles in IT that requires 24/7/365 availability. The constant stressors of the job can overload security analysts, which ultimately leads to burnout—affecting every factor of the job from performance to talent retention.

AquaSec’s Daniel Sagi recently authored a blog post about DNS spoofing in Kubernetes. TLDR is that if you use default networking in Kubernetes you might be vulnerable to ARP spoofing which can allow pods to spoof (impersonate) the IP addresses of other pods. Since so much traffic is dialed via domain names rather than IPs, spoofing DNS can allow you to redirect lots of traffic inside the cluster for nefarious purposes.

Okta is a cloud-based identity management service that provides authentication and authorization tools for your organizations’ employees and users. You can use Okta to incorporate single sign-on, multi-factor authentication, and user management services right into your applications.

A cyber threat (or cyber security threat) is the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties.

Containers have become a popular technology for enterprises that need to create agile, scalable and reliable applications. As they’re moving containerized workloads into production, many are adopting Kubernetes for container orchestration. While containerization enables DevOps to deploy software fast and efficiently, it also creates new security challenges, especially for those who’ve accelerated their implementation of this complex technology.

This week marks six months since the last of three compliance deadlines for the New York State Department of Financial Services (NYDFS) Cybersecurity Regulations. As of March 1, 2019, many financial services firms operating in New York state are now required to abide by a new set of cybersecurity standards that dictate how they manage, share, and control access to data.