%term

CVE-2022-3172 - kube-apiserver can allow an aggregated API server to redirect client traffic to any URL

Sep 19, 2022 By Ben Hirschberg In ARMO

A new vulnerability was reported on Sep 16th in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. As a result, the client may perform unexpected actions and share the API server credentials with third parties. The aggregated API server extension in Kubernetes API server enables users to extend API server with alternative objects and paths.

Read Post

ARMO

Read more about CVE-2022-3172 - kube-apiserver can allow an aggregated API server to redirect client traffic to any URL

Directory Sharing in a Web-Based RDP Client Using the File System Access API

Sep 19, 2022 By Isaiah Becker-Mayer In Teleport

Remote Desktop Protocol (RDP) is a protocol developed by Microsoft which at its core is designed to give users a graphical interface to a remote Windows computer over a network connection. The remote Windows machine runs an RDP server, while the local computer accessing it runs an RDP client. Windows comes bundled with Microsoft's Remote Desktop Connection to easily access Windows hosts over RDP.

Read Post

Teleport

Read more about Directory Sharing in a Web-Based RDP Client Using the File System Access API

What's It Like To Be Snyk's CEO? | Cloud Security Podcast Interviews Snyk CEO Peter McKay

Sep 19, 2022 By Snyk In Snyk

Snyk CEO Peter McKay speaks with Shilpi Bhattacharjee of the Cloud Security Podcast about his experience as the CEO of Snyk.

View Video

Snyk

Read more about What's It Like To Be Snyk's CEO? | Cloud Security Podcast Interviews Snyk CEO Peter McKay

This Week in VulnDB

Sep 16, 2022 By Snyk In Snyk

Welcome to This Week in VulnDB, Each episode we will look through some of the newer vulnerabilities in the Snyk vulnerability database, looking at emerging trends in attack vectors appearing in programming languages, platforms and ecosystems.

View Video

Snyk

Read more about This Week in VulnDB

What is SIaaS? An introduction to security infrastructure as a service

Sep 15, 2022 By Christopher Luft In LimaCharlie

Security infrastructure as a service (SIaaS) is an engineering-centric, infrastructure-first approach to cybersecurity—and is at the heart of everything we do at LimaCharlie. In this post, we’ll explain more about what SIaaS is, why it’s important, and how it differs from legacy models of cybersecurity.

Read Post

LimaCharlie

Read more about What is SIaaS? An introduction to security infrastructure as a service

White House Issues New Guidelines on Software Supply Chain Security - What Are the Challenges and Possible Outcomes?

Sep 15, 2022 By Rhys Arkins In Mend

The White House and the Executive Office of the President have just issued a memorandum for the heads of U.S. government and federal executive departments and agencies for enhancing the security of the software supply chain through secure software development practices.

Read Post

Mend

Read more about White House Issues New Guidelines on Software Supply Chain Security - What Are the Challenges and Possible Outcomes?

Improve security and compliance for your AWS infrastructure with Teleport

Sep 15, 2022 By Teleport In Teleport

Easily control who can provision and access your critical AWS resources while improving security and compliance. Watch this webinar as Allen Vailliencourt from Teleport discusses how to.

View Video

Teleport

Read more about Improve security and compliance for your AWS infrastructure with Teleport

How to Connect to Microsoft SQL Server Remotely Using Teleport

Sep 14, 2022 By Teleport In Teleport

In this video, we'll look at how to connect Teleport to Microsoft SQL Server with Active Directory authentication. We'll also be exploring Teleport's RBAC system, Audit logs, as well as how to connect a GUI like Azure Data Studio, SSMS, or Datagrip to our database via Teleport. Some of the mentioned resources may already be set up or active in your environment. If so, feel free to utilize the timestamps below to maximize your situation.

View Video

Teleport

Read more about How to Connect to Microsoft SQL Server Remotely Using Teleport

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Sep 14, 2022 By Snyk In Snyk

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

View Video

Snyk

Read more about Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Snyk's State of Cloud Security Report Reveals 80% of Organizations Have Experienced a Severe Cloud Security Incident in Past Year

Sep 13, 2022 By Snyk In Snyk

Research Also Underscores Risk Is Growing, While Increased Cloud Security Investment Leads to Faster Application Deployment.

Read Post

Snyk

Read more about Snyk's State of Cloud Security Report Reveals 80% of Organizations Have Experienced a Severe Cloud Security Incident in Past Year

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2022-3172 - kube-apiserver can allow an aggregated API server to redirect client traffic to any URL

Directory Sharing in a Web-Based RDP Client Using the File System Access API

What's It Like To Be Snyk's CEO? | Cloud Security Podcast Interviews Snyk CEO Peter McKay

This Week in VulnDB

What is SIaaS? An introduction to security infrastructure as a service

White House Issues New Guidelines on Software Supply Chain Security - What Are the Challenges and Possible Outcomes?

Improve security and compliance for your AWS infrastructure with Teleport

How to Connect to Microsoft SQL Server Remotely Using Teleport

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Snyk's State of Cloud Security Report Reveals 80% of Organizations Have Experienced a Severe Cloud Security Incident in Past Year

Monthly Archive

Follow Us