When we hear the word hacking, our minds immediately go to servers, computers and laptops being hacked, but hacking isn’t just for computers, Wi-Fi routers can get hacked as well and are no exception to cyber attacks.
Are you wondering how to secure your Kubernetes clusters? Do you even know whether your Kubernetes is secure? Kubescape by ARMO might be the tool to help you with those and many other tasks related to Kubernetes security and scanning. Check this video by Viktor Farcic from DevOps Toolkit on Kubescape as he covers the 3 main K8s security areas – While reducing the number of false positives to a minimum and getting help fixing issues.
Cyber security (or information security) aims to protect an organisation’s or individual’s assets, be they digital or physical. In digital assets, an individual’s password is the most sensitive and valuable piece of information that cybercriminals can attempt to get their hands on.
The open ports in your hardware could be critical points of vulnerability if the services exposed to them are misconfigured or unpatched. Unfortunately, many organizations are currently exposing their sensitive resources through such malicious connections, heightening the risk of ransomware attacks, supply chain attacks, and data breaches.
In the last few days, Linux maintainers disclosed a broadly available Linux kernel vulnerability that enables attackers to escape containers and get full control over the node. To be able to exploit this vulnerability, the attacker needs to be able to run code in the container and the container must have CAP_SYS_ADMIN privileges. Linux kernel and all major distro maintainers have released patches.
Did you know that the household data of 123 million Americans were recently stolen from Alteryx’s Amazon cloud servers in a single cyberattack? But the blame for this cannot fairly be laid at the feet of Jeff Bezos. No – the origin of this theft, and many other cybersecurity crimes began long before this data was uploaded to any cloud server. In another high-level cyberattack, financial data on 47,000 Americans was exposed on an S3 bucket from the US National Credit Federation in 2017.
Kubernetes is the popular container orchestration platform developed by Google to manage large-scale containerized applications. Kubernetes manages microservices applications over a distributed cluster of nodes. It is very resilient and supports scaling, rollback, zero downtime, and self-healing containers. The primary aim of Kubernetes is to mask the complexity of overseeing a large fleet of containers.
On June 23, 2021, threat actors reported that they had stolen a terabyte of data from Saudi Aramco, a state-owned oil company in Saudi Arabia. The threat actors released samples of data they had procured after redacting critical information. They also claimed to have detailed information on Aramco’s employees, such as their full names, photographs, passport scans, emails, phone numbers, residence permit (Iqama card) numbers, job titles, employee ID numbers, and family information.
The results from the 2021 Global Security Attitude Survey paint a bleak picture of how organizations globally are feeling about the cybersecurity landscape before them. Organizations are grappling with shortages of cybersecurity skills and a lack of capability to detect and contain intrusions in a timely way.
