Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

armo

Getting Started with Kubernetes Ingress

Mar 21, 2022 By Ben Hirschberg In ARMO
Kubernetes Ingress is one of today’s most important Kubernetes resources. First introduced in 2015, it achieved GA status in 2020. Its goal is to simplify and secure the routing mechanism of incoming traffic to your defined services. Ingress allows you to expose HTTP and HTTPS from outside the cluster to your services within the cluster by leveraging traffic routing rules you define while creating the Ingress.
Read Post

WTF is Open Source

Mar 21, 2022 By Snyk In Snyk
Are you looking to join an existing open source project, but don’t know where to start? Interested in finding out more about open source software in general? Looking to start a personal project but don’t know what to base it on? If the answer is yes, this event could be for you. We will be hosting a panel discussion with amazing leaders within the OS space. They will share everything from how they got involved, what they are working on at the moment as well as share any tips and tricks they learnt along the way.
View Video

Cross-Account and Cross-Cluster Restore of Kubernetes Demonstrated on Amazon EKS

Mar 21, 2022 By CloudCasa In CloudCasa
Cross-Account and Cross-Cluster Restore of Kubernetes Applications Using CloudCasa on Amazon EKS. Users can now browse and map the available storage classes in the source and destination cluster across different AWS accounts and different Cloud Providers such as AKS, GKE, DO, IBM Cloud etc.
View Video

How to Secure Containers and Eliminate Noise from Code to Production with Sysdig and Snyk

Mar 21, 2022 By Snyk In Snyk
This webinar recording presented by Snyk and our partner Sysdig shows how we are helping developers and security teams pinpoint must-fix open source and container vulnerabilities in development while effectively protecting workloads in production. Implementing a continuous feedback loop using runtime intelligence helps you save time by focusing remediation efforts on packages executed at runtime.
View Video
CalCom

Russian Hackers Exploit MFA protocols and Print Spooler "PrintNightmare" vulnerability

Mar 20, 2022 By John Gates In CalCom
A joint Cybersecurity Advisory (CSA) was issued by the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) recently warning organizations about a Russian state-sponsored cyber-attack. The cyber actors ran arbitrary code using system privileges by exploiting a Windows Print Spooler vulnerability, “PrintNightmare.”
Read Post

Balancing Security and Agility While Scaling Your Company with Michael Coates

Mar 19, 2022 By Teleport In Teleport
Fast-growth companies are some of the richest targets for hackers because that’s where the user data is. How do you balance the security you need to protect your customers/users with the agility you need to build a business? This talk provides practical tips drawn from Michael Coates' experience as CISO of an iconic brand with hundreds of millions of users. The talk will also explore current threats, data breaches, and the new reality of risk to identify what security controls are actually needed for enterprises that are moving fast, leaning into new technology, and want effective security defenses.
View Video
snyk

node-ipc sabotages JavaScript developers

Mar 18, 2022 By Snyk In Snyk
On March 15, in an apparent act of protest against the Ukraine crisis, a supply chain attack was created which affects users of the popular JavaScript front-end development framework Vue.js and the Unity Hub. The attack creates a file with an antiwar message and introduces security vulnerabilities, with an earlier version corrupting user files on machines with Russian and Belorussian geolocations, replacing characters with heart emoji.
Read Post
armo

NSA & CISA Kubernetes Hardening Guide - what is new with version 1.1

Mar 18, 2022 By Leonid Sandler In ARMO
In March 2022, NSA & CISA has issued a new version of the Kubernetes Hardening Guide – version 1.1. It updates the previous version that was released in August 2021. Kubernetes evolves fast, and Kubernetes adoption grows even quicker. Kubernetes has become a very popular target and therefore requires continuous enhancement of the protection measures.
Read Post
teleport

How to Stop Container Escape and Prevent Privilege Escalation

Mar 18, 2022 By Sadequl Hussain In Teleport

Container escape is a security risk in which malicious players can leverage a containerized application’s vulnerabilities to breach its isolation boundary, gaining access to the host system’s resources. Once an attacker accesses the host system, they can escalate their privilege to access other containers running in the machine or run harmful code on the host. Depending on how vulnerable the host is, the actor could also access other hosts in the network.

Read Post
Snyk

dompdf security alert: RCE vulnerability found in popular PHP PDF library

Mar 18, 2022 By DeveloperSteve In Snyk

Recently, researchers from Positive Security published findings identifying a major remote code execution (RCE) vulnerability in dompdf, a popular PDF generation library. In their reporting, they outlined a way that code could be loaded into an application and then remotely executed during a PDF being generated. Dompdf is used quite extensively within the PHP ecosystem, and is used within over 59,000 open sourced platforms and projects.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.