Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CCRI renamed Cyber Operational Readiness Assessment (CORA)

The Command Cyber Readiness Inspection (CCRI) is a comprehensive cybersecurity evaluation and assessment conducted by the United States Department of Defense (DoD). A CCRI serves as a formal inspection aimed at enhancing accountability and bolstering the security posture of DoD Information Networks in alignment with DoD standards, with a specific focus on Command, Mission, Threat, and Vulnerability.

Unifying Security Across Environments with Calico

As companies build more cloud-native apps, securing them across different infrastructures becomes a challenge. Cloud-native apps deployed on-premises, in the public cloud, or in hybrid environments face different security challenges in each, while still being expected to scale, interoperate, and stay cost-effective.

MadLicense CVE-2024-38077 RCE Threatens All Windows Servers

The latest remote code execution (RCE) vulnerability, CVE-2024-38077, dubbed MadLicense, has been rated critical with a CVSS 3.1 score of 9.8. The Windows Remote Desktop Licensing (RDL) service has a vulnerability that enables network attacks with low complexity, affecting all versions of Windows Server from 2000 to 2025 (all Windows Servers).

Enable Computer and User Accounts to be Trusted for Delegation

The policy setting ‘Enable computer and user accounts to be trusted for delegation’ for Administrators and No One allows users to change the Trusted for Delegation setting on a computer object in Active Directory. Abuse of this privilege could allow unauthorized users to impersonate other users on the network. The Windows security setting ‘Enable computer and user accounts to be trusted for delegation’ is a powerful security feature primarily used in enterprise environments.

The Ultimate Guide to Cloud Management Support for Businesses

However, this transformative power comes with its challenges. Managing the cloud environment in your business requires careful planning and effective strategies. That's why, in today's guide, we'll offer an ultimate guide to cloud management support that can help your business ensure optimal performance, security, and cost-efficiency. Just read on.

Impersonate a Client After Authentication Configuration in Windows

The ‘Impersonate a client after authentication’ Windows security setting allows a program or service to act on behalf of a user after the user has logged in. This is essential to the running of many applications, from printing and accessing user files in web applications to the system's Service Control Manager. This ability to temporarily act as another user is known as impersonation, and the application must have the correct security configuration in order to do so.

Dude, Where's My Documentation?

This is a public service announcement: The not-so-simple act of securing applications produces a lot of documentation, including playbooks and policies, that isn’t typically needed on a daily basis. But when a zero-day event occurs, such as the recent CrowdStrike incident, application security teams better be able to find everything they need—and fast. Sadly, in both big and small companies, missing and outdated documentation is rampant.