Many companies feel like they’ve successfully pivoted to remote and hybrid work. Team members have learned the tools and processes required to be successful outside the office, and IT departments have adjusted their security rules and policies accordingly. But now, nearly two years into the pandemic, another cybersecurity threat has emerged: employee burnout.

Detectify co-founder and expert bug bounty hunter Fredrik Nordberg Almroth (@almroot) recently spoke at Hack Your Stockholm, our first in-person event after a 2-year hiatus, addressing the issue of the growing attack surface of companies and how it is the most pressing issue facing CISOs today. He recaps his thoughts in this post.

The purpose of the Cyber Threat Intelligence (CTI) team is to understand the cyber threat environment and communicate intelligence so that the organisation can make better decisions about lowering cyber risk. Decision stakeholders can be people or systems therefore the information, and the way it is communicated, needs to be tailored to each user.

The Sysdig Threat Research Team has detected an attack that can be attributed to the TeamTNT. The initial target was a Kubernetes pod exposed outside the network. Once access was gained, the malware attempted to steal AWS credentials using the EC2 instance metadata. TeamTNT is a threat actor that conducts large-scale attacks against virtual and cloud solutions, like Kubernetes and Docker.

As we look ahead to 2022, we should pause to reflect on the trends of the past year. Ransomware and supply chain attacks have become two of the top concerns for organizations following a series of high-profile attacks, such as those conducted against Colonial Pipeline, SolarWinds and Kaseya. In 2021, our Project Memoria revealed close to 100 different vulnerabilities in common TCP/IP stacks, affecting hundreds of operational technology (OT) vendors.

On November 10, 2021, Palo Alto Networks released advisories for eight different vulnerabilities affecting the company’s VPN firewall products. The vulnerabilities’ criticality ranges from ‘medium’ to ‘critical,’ with the most severe vulnerability, CVE-2021-3064 (CVSSv3.1 of 9.8), allowing for unauthenticated remote code execution, or RCE.

Today, we’re announcing our $50 million Series B funding led by Insight Partners with participation from SentinelOne, GGV Capital, and Bessemer Venture Partners. Together with them, we believe that security teams deserve better. Better ways to collaborate, better ways to work, better ways to keep our lives and livelihoods protected.

Trustwave has been accredited by the internationally-recognized professional certification board CREST for its world-class vulnerability assessment services. Trustwave is now uniquely accredited with multiple CREST accreditations across Vulnerability Assessment (VA), Intelligence-Led Penetration Testing (STAR), Penetration Testing (PEN TEST) and STAR-FS Intelligence-Led Penetration Testing.

While we are a long way from implementing Skynet, using machine learning combined with automation to make real-time decisions is here. In a recent talk at Sumo Logic Illuminate, Dave Frampton, General Manager of Cloud SIEM and Security Analytics, discusses the future of security with Vijaya Kaza, Head of Engineering and Data Science for Trust & Safety and Chief Security Officer at Airbnb. Kaza describes how automation, machine learning and AI can strengthen a company's overall security posture.

Gartner made an interesting prediction just a few years ago: “Through 2025, 99% of cloud security failures will be the customer’s fault.” Practically every single cloud security failure can be fairly described as a misconfiguration of one kind or another. The 2025 end is kind of arbitrary, really; the prediction is likely to be true until the end of time. In my previous article, I discussed targeting these misconfigurations at their root.