This blog will explain how Falco’s Cloudtrail plugin rules can be aligned with MITRE ATT&CK Framework for Cloud. One important note is that the team at MITRE has developed several different matrices to address the unique risk associated with adversaries in the cloud, in containerized workloads as well as on mobile devices.

The Sysdig Threat Research Team recently discovered a sophisticated cloud operation in a customer environment, dubbed SCARLETEEL, that resulted in stolen proprietary data. The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary software and credentials. They also attempted to pivot using a Terraform state file to other connected AWS accounts to spread their reach throughout the organization.

On December 2022, a security researcher from the Outpost24 Ghost Labs team discovered a vulnerability on the ThingsBoard IoT platform, where a normal user’s privileges can be escalated, by doing a simple post with an additional header, and exploiting the associated flaws, to take control over the entire platform and related accounts. Upon reporting of the vulnerability to the vendor, it was quickly resolved.

With growing volumes of personal data being collected, analyzed, shared and stored, there is more expectation than ever on businesses to ensure privacy for their employees, clients and wider supply chain. The digital age has streamlined ways of working, improved the targeting and personalization of services and communications and made detailed information available at the touch of a screen. But personal data is exactly that – personal.

The Election Commission of India issues the Indian Voter ID Card (officially known as the Elector’s Photo Identity Card (EPIC)) to adult Indian citizens who have reached the age of 18. It is primarily used for identity proof of Indian citizens when they cast their votes in local, state, and federal elections held in the nation. It may also be used for identity verification of name, address, and age verification for other needs like getting a SIM card for a phone or applying for a passport.

In computing, an audit log is a record of an event. An event is any significant action that impacts the hardware or software of a computer – anything from a mouse click to a program error. Besides documenting which resources were accessed and what for, an audit file system will also include the source and destination addresses, the timestamp, and the user ID information.

If you’ve been following along our journey, you know that LimaCharlie makes it easy and cost effective to get security data from any source, normalized into a single hub with the unique added benefit of running detection, automation, and response rules at wire speed. On top of being able to store all of your data within LimaCharlie, you get granular control and the ability to send data to any external destination.

In today's ever-changing digital world, users of digital risk protection solutions encounter various obstacles. Although the top players in the digital risk protection industry provide powerful solutions that come with an array of features and capabilities, customers must still navigate a complicated and fast-moving environment of potential threats.

Most application security testing focuses on server-side vulnerabilities. While vulnerability management alerts are necessary within today’s threat landscape for increased security, your teams can quickly become overwhelmed by them. These alerts can create a lot of noise for your development teams, other IT staff, and even your business operations.

‍ Welcome back to another edition of our monthly product rollup! This month, we’re excited to bring you enhancements to search with saved search queries, Smart Upload for Egnyte’s Android app, improvements to Microsoft co-editing on Desktop App and Desktop App Core for Mac, and more.