Running a Kubernetes-based infrastructure is challenging and complex. Administrators often lament how complicated performance optimization and monitoring are, which can lead to problems in production. Additionally, even finely-tuned Kubernetes deployments can encounter sporadic issues. When Kubernetes starts behaving in strange ways, digging into logs can help you uncover breadcrumbs. These contextual hints can help lead you to possible solutions.

1Password for SSH was shared with the world last month. I have been using it since it was available for internal beta. I knew it would improve my endpoint security. I didn’t expect it to change the way I generated, stored and used SSH keys the way I work.

While most developers — myself included — primarily write in higher-level languages like Python or JavaScript, sometimes you need to add in native elements to improve performance or other project aspects. Since these native extension invocations are typically written in C or C++, suddenly a project primarily using JavaScript or Python must also account for potential C/C++ transient dependencies.

Over the past week, threat actors have started scanning for and opportunistically exploiting CVE-2022-29464--a remote code execution vulnerability in multiple WSO2 products used to integrate application programming interfaces (API), applications, and web services. CVE-2022-29464 vulnerability has a CVSS score of 9.8 and severity of Critical which allowed unauthenticated and remote attackers to execute arbitrary code in the following products.

There has been tremendous growth in Microsoft 365 usage with the current remote work trend, leading to an explosion of Microsoft 365 data. Microsoft infrastructure and platforms support the availability, reliability, and security of this infrastructure by providing world-class perimeter defense, controlling access to keep attackers out, and detecting risky behavior. However, customers are responsible for protecting the data itself - emails, chats, files, etc.

Vulnerability assessments define, identify, classify, and prioritize flaws and vulnerabilities in applications, devices, and networks that can expose organizations, their products, services, code, and applications, to attack. Security vulnerabilities allow malicious actors to exploit an organization’s applications and systems, so it is essential to identify and respond to them before attackers can exploit them.

While every sector of the economy experiences cyber attacks, the oil and gas industry is a particularly enticing target because there are inherent weaknesses in its rapidly expanding digital landscape. It's also an industry that can't afford to go offline at any time, which means cybercriminals can force quick action from those they attack.

The advance of the 21st century brought with it a significant shift in the work scene. Every industry and field relies heavily on computers and the digital world to function seamlessly. However, with it came the ever-mounting fear of cyber attack. Among the many forms of cyber attack is a watering hole attack, also known as a supply chain attack. In a watering hole attack, attackers mainly try to compromise a user by infecting the user’s computer and gaining access to the network.

In the recent MITRE Engenuity ATT&CK Enterprise Evaluation — which emulated today’s two most sophisticated Russian-based adversaries, WIZARD SPIDER and VOODOO BEAR (Sandworm Team) — CrowdStrike Falcon achieved 100% automated prevention across all of the evaluation steps.

Cryptocurrency mining (or crypto mining) can be a lucrative yet resource-intensive operation, so cyber threat actors are targeting more organizations in order to take advantage of their cloud resources for mining. Datadog Cloud SIEM can now help you monitor your cloud-based systems for unwanted crypto mining via a built-in detection rule. All you need to get started is to configure your resource logs with Datadog’s @network.client.ip standard attribute.