Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

New Vulnerability Exposes Kubernetes to Man-in-the-Middle Attacks: How to Mitigate CVE-2020-8554

A few weeks ago a solution engineer discovered a critical flaw in Kubernetes architecture and design, and announced that a “security issue was discovered with Kubernetes affecting multi-tenant clusters. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.” If a hostile user can create a ClusterIP service and set the spec.externalIP field, they can intercept traffic to that IP.

Lessons to Learn from the Latest Business Email Compromise Scam and AZORult Stealer

Ever heard of AZORult? Sounds like some nerdy stuff. I am not gonna lie, it slightly is! It is a trojan that steals various data including login credentials, browser history, cookies, and more. The history of AZORult is well known by those in the cyber security industry. AZORult was initially discovered back in 2016. As the years passed, we saw some of its ongoing malicious attacks.

ISO 27001: Should You Expect it From Your API Vendors?

ISO 27001 is a way for companies to prove a certain standard of security to their customers. You may recognize ISO as the standards body that issues international standards and classifiers for all kinds of products and services, including date and time standards, country and currency codes, and structural systems—like the ones we’ll be discussing in this article.

The MITRE ATT&CK framework and scenario-based security testing

Statistics routinely collected and assessed as part of network and endpoint monitoring include events per second, alerts and false positives, with success often benchmarked by the time to detect, respond and recover. Incorporating scenario-based testing into the threat detection process allows organisations to obtain additional insight into the true effectiveness of detection and response controls and procedures by benchmarking performance against the attributes of specific types of attacks.

Collect and monitor Microsoft 365 audit logs with Datadog

Microsoft 365 is a suite of cloud-based productivity and communication services that includes Microsoft Office applications (including OneNote and OneDrive) as well as other popular Microsoft tools like Skype and Teams. Microsoft 365 tools and services are at the core of many organizations’ data management and day-to-day workflows, so monitoring activity across your environment is key to making sure that these services remain secure and meet compliance standards.

Four things hackers don't want you to know

It’s something of a cliché to say that hackers are shady types, often lurking in the shadows. Usually this is just a metaphor, though if you take stock imagery at face value, you’d be forgiven for thinking they only ever appear at night whilst wearing a hoodie. Like most clichés however, this contrivance does have an element of truth in it. The fact is that hackers often work just as hard to keep themselves and their tactics hidden as they do to find vulnerabilities to exploit.

How attackers exploit the WordPress Easy-WP-SMTP zero-day

On November 6th, 2019, Detectify added security tests for 50+ of the most popular WordPress plugins, including Easy-WP-SMTP. Although the zero-day affecting Easy-WP-SMTP (CVE-2020-35234) was recently patched, WordPress estimates that many of the 500,000+ active installs of the plugin remain unpatched. Detectify scans your applications for this vulnerability and alerts you if you are running a vulnerable version of WordPress and WordPress plugins.

Data Protection in the Age of Cloud Native Applications with CloudCasa - Part 3

In part 1 of this blog series on data protection for Kubernetes and cloud native applications, we addressed the need for Data Protection for Containerized Applications. Given that the leading Kubernetes distributions and managed cloud services do not include native capabilities for data protection and disaster recovery, service providers and enterprises need additional data management tools such as CloudCasa to provide these.

How We Use Fuzzing Integrated by Ada Logics

This summer, Ada Logics integrated continuous fuzzing into Teleport to strengthen the security posture of the project. We’d like to thank Adam Korczynski from Ada Logics for initiating contact and doing the work. In this blog post, we will give a brief introduction to fuzzing and explain how to carry on the work moving forward. The motive for this work was to take the first steps in implementing fuzzing into Teleport’s development pipeline.

What is SOX compliance? 2020 requirements, controls and more

The Sarbanes-Oxley Act of 2002 (SOX) was passed by the United States Congress to protect the public from fraudulent or erroneous practices by corporations or other business entities. The legislation set new and expanded requirements for all U.S. public company boards, management, and public accounting firms with the goal to increase transparency in financial reporting and to require formalized systems for internal controls. In addition, penalties for fraudulent activity are much more severe.