Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

CSI Forensics: Unraveling Kubernetes Crime Scenes

This is the second episode of the CSI Container series, published and presented at CloudNativeSecurityCon 2024. In this episode, we focus on Kubernetes CSI, how to conduct DFIR activities on K8s and containers, and how to perform static and dynamic analysis. As we covered in the first episode, DFIR refers to the union of Digital Forensics (DF) and Incident Response (IR). We also highlighted how conducting DFIR activities in a container environment differs from the usual DFIR in a host environment.

How Calico Helps with PCI Compliance for Containers and Kubernetes

The Payment Card Industry Data Security Standard (PCI DSS) is a global standard designed to ensure the security of cardholder information. It is crucial for any organization that stores, processes, or transmits payment card data to comply with PCI DSS to protect the integrity and confidentiality of cardholder information.

Four Ways to Streamline Your Security Review Process

Security reviews of third-party vendors are now an essential element of an effective governance, risk, and compliance (GRC) function. After all, there have been numerous examples in recent years of organizations with an otherwise strong security posture falling victim to threats that originated with supply chain partners. But whether you are on the sending or receiving end of a security review, completing the process can be time-consuming and inefficient.

External IP Addresses to Include in Pentest: Best Practices for Security Testing

Carrying out a pentest correctly is important for finding and fixing security holes in a company. Including useful external IP addresses is an important part of pentesting. Hackers can get into a company's network and possibly take advantage of vulnerabilities by using these addresses as entry points. Companies can make sure their pentests are thorough and useful by carefully choosing and ranking which external IP addresses to test.

EP 64 - Identity Reinvention: Insights From the World's First Augmented Ethical Hacker

In this episode of the Trust Issues Podcast, host David Puner sits down with CyberArk’s resident technical evangelist, white hat hacker and transhuman, Len Noe. They dive into Len’s singular journey from a black hat hacker to an ethical hacker, exploring his identity reinvention and the fascinating world of subdermal microchip implants and offensive security.

Check, Update, and Choose a PowerShell Version

You may want to know the PowerShell version installed on your machine. While novice users may go to Programs in the Control Panel to check the PowerShell version, it’s often quite the disappointment when they don’t find PowerShell listed as a program there. Instead, you’ll need to resort to other methods to find the PowerShell version. This article provides a comprehensive guide to checking the PowerShell version you’re running.

How to Record and Monitor RDP Sessions with Syteca [Hands-on Guide]

Monitoring remote desktop protocol (RDP) connections to your infrastructure is essential for maintaining a secure IT environment and managing insider risks. Additionally, recording remote user activity on your organization’s servers and other critical endpoints is often a requirement of cybersecurity laws and regulations.

New Research: 140% Increase in Callback Phishing

Researchers at Trustwave observed a 140% increase in callback phishing attacks between July and September 2024. Callback phishing is a social engineering tactic that involves emails and phone calls to trick users into handing over login credentials or other sensitive data or installing malware. The attacks begin with a phishing email that appears to be a notification for something that needs to be addressed urgently, such as an order invoice or an account termination notice.

Ransomware Gang Attack Tactics Have Shifted

A recent analysis of the ransomware group Meow raises the notion that groups are evolving from using encryption as a tactic to more profitable and cost-effective methods. At the end of the day, ransomware is a business. Those behind the malware used in ransomware attacks typically seek to make money, whether that be directly from the victim organization or by way of a nation-state paying for the gang’s services.

The Forensic Investigator Role: Skills and Responsibilities

Businesses adopt new and sophisticated technology every day. All that tech, however, comes with the risk of crime or financial fraud. That’s what forensic investigators help with — they solve these crimes by identifying the criminals and recovering the assets. Forensic investigators collect evidence from crime scenes, analyze it, and conclude the results in a report that later serves as an important document in trials.