TechBites - The Threat of Ransomware
Today Barney breaks down Ransomware as a threat to businesses, how ransomware attacks are deployed and the damage to organisations hit by this form of attack.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Security
AppSec Decoded: 2022 Open Source Security and Risk Analysis (OSSRA) trends| Synopsys
Watch the 2022 OSSRA report to seek the most popular open source trends and vulnerabilities, and a range of actionable solutions that organizations can take to improve their open source management.
AppSec Decoded: Managing supply chain risks | Synopsys
In this episode of AppSec Decoded, Mike McGuire, security solutions manager at Synopsys Software Integrity Group, and Taylor Armerding, security advocate at Synopsys Software Integrity Group, discuss why supply chain attacks have become low-hanging fruit for cybercriminals and what organizations need to understand about their supply chain to avoid becoming the next target.
CVE-2022-23648: Kubernetes Container Escape Using Containerd CRI Plugin and Mitigation
CVE-2022-23648, reported by Google’s Project Zero in November 2021, is a Kubernetes runtime vulnerability found in Containerd, a popular Kubernetes runtime. It lies in Containerd’s CRI plugin that handles OCI image specs containing “Volumes.” The attacker can add Volume containing path traversal to the image and use it to copy arbitrary files from the host to container mounted path. The vulnerability was reported by Felix Wilhelm on Nov.
Teleport Raises $110 Million Series C at $1.1 Billion Valuation
I have news to share. Teleport has just secured $110M in Series C funding to keep growing the business that I started with my co-founders Sasha Klizhentas and Taylor Wakefield in 2015. This is exciting for founders and employees, but I think it is also excellent news for all software engineers who are crying out for a better way to manage secure access to their mission-critical cloud infrastructure. More on that below.
1Password 8 for Mac is here!
Today I have the honour of introducing the most powerful and capable 1Password ever. Wrapped in a gorgeous new design and blazingly fast, 1Password 8 is our love letter to Mac users everywhere. 💌
In Cybersecurity, AI is Not A-OK
Artificial intelligence has been (and continues to be) a popular topic of discussion in areas ranging from science fiction to cybersecurity. But as much fun as it might be to discuss my favorite sci-fi AI stories, let’s set aside the works of Asimov, Bradbury and other storytellers to focus on the role of AI in cybersecurity.
Achieving Better Business Outcomes Through a CTI Practice
According to Joshua Ray, managing director, Global Cyber Defense Lead, Accenture, “Every business is digital now and must adopt a resilient cybersecurity posture to protect their value.
Beekeeper Serves Up Secure Communications, Data, and Applications Across Cloud Environments with Sysdig
Beekeeper is known as one of the world’s top platforms for helping remote employees stay connected with their customers, other front-line workers, and the data they need to be successful. Through the company’s platform, employees can gain access to training, forms, and other work-based resources that require flawless access every time.
Compromising Read-Only Containers with Fileless Malware
Containers provide a number of security features that are not simply available on a normal host. One of those is the ability to make the container’s root filesystem read-only. By making the file system unable to be altered, it prevents an attacker from writing their malware executable to disk. Most attacks rely on writing files in order to work, but sophisticated cases use fileless malware as part of their malicious behavior.