Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AT&T Cybersecurity

Security context: The starting point for how Kubernetes Pod security works

Organizations are increasingly adopting Kubernetes to manage their containerized workloads and services, but Kubernetes security incidents are on the rise, as well. In the fall 2020 edition of the “State of Container and Kubernetes Security” report, for instance, 91% of respondents told StackRox that they had recently adopted Kubernetes. Three quarters of survey participants went on to reveal that they had deployed the container orchestration platform in their production environments.

What is a vulnerability management program and should your business have one?

The rapid rate of change in attack methods and techniques in today’s cybersecurity landscape has made the keeping of an environment secure increasingly more difficult, causing many to fall into a dangerous state of simply reacting to current threats.

Why cybersecurity awareness is a team sport

Cybersecurity may be different based on a person's viewpoint. One may want to simply protect and secure their social media accounts from hackers, and that would be the definition of what cybersecurity is to them. On the other hand, a small business owner may want to protect and secure credit card information gathered from their point-of-sale registers and that is what they define as cybersecurity.

Why are cybercriminals suddenly targeting maritime infrastructure?

If you were asked to list out the top problems society has been facing in 2020, cyberattacks on the maritime industry might not be an obvious issue that would come to mind. But the industry has seen a worrying trend in recent months, as a spike in cyberattacks that has left some of the biggest companies in the industry exposed. Specifically, both the fourth largest global shopping company and the International Maritime Organization (IMO) have been targeted in these attacks.

What is URL filtering? Web filtering explained

URL filtering is one of the most common types of web filtering techniques used by organizations to restrict the kinds of content that their users may access. URL filtering blocks users from loading questionable websites or hosted files via corporate device or network resources. The filter is triggered by comparing the URL address a user is trying to access against policy lists that specify whether to block, allow, and/or track visits to certain URL addresses.

Malware using new Ezuri memory loader

Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk. While this technique is known and commonly used by Windows malware, it is less popular in Linux environments. The loader decrypts the malicious malware and executes it using memfd create (as described in this blog in 2018).

IoT Cybersecurity Act successfully signed into law

The IoT Cybersecurity Act, which aims to reduce the supply chain risk to the federal government arising from vulnerable IoT devices, was recently passed into law, and its effects are expected to carry over into private enterprise. Critics felt the law was long overdue: as found in the Nokia Threat Intelligence Report 2020, IoT devices are now responsible for 32.72% of all infections observed in mobile networks, representing an increase of 16.55% since 2019 alone.

What is a software-defined perimeter and how does SDP work?

A software defined perimeter (SDP) establishes virtual boundaries around Internet-connected assets and user activity through an integrated security architecture approach. SDP works regardless of whether assets reside on-premises or in the cloud, or whether users are on-site or working remote. Rather than relying on hardware like firewalls or VPNs at the network boundary, SDP leverages software to prevent any access to or even visibility into resources within the virtual perimeter by default.