Teleport: Fresh access for all your infrastructure
Teleport is the easiest, most secure way to access all your infrastructure.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Using SSH Port Knocking to Hide an SSH Server
This article will explore methods for “hiding” SSH servers so that the server is harder to discover by malicious users on public networks. We’ll focus on changing the default SSH port and implementing SSH port knocking to make it more difficult for unwanted users to discover or locate the server.
The Impact of CVE-2022-0185 Linux Kernel Vulnerability on Popular Kubernetes Engines
Last week, a critical vulnerability identified as CVE-2022-0185 was disclosed, affecting Linux kernel versions 5.1 to 5.16.1. The security vulnerability is an integer underflow in the Filesystem Context module that allows a local attacker to run arbitrary code in the context of the kernel, thus leading to privilege escalation, container environment escape, or denial of service.
A Day In the Life of a Fintech CISO - Chris Russell [CISO at tZERO]
A Day In the Life of a Fintech CISO - Chris Russell.
JIRA Integration
Are you using Atlassian JIRA? WhiteSource can integrate with your defect tracking software and quickly detect open source artifacts and their known vulnerabilities. WhiteSource also provides all the information you need to fix these artifacts automatically.
Analyzing the PwnKit local privilege escalation exploit
What do Linux vulnerabilities and natural disasters have in common? Something seemingly dormant can suddenly spring to life, exposing activity beneath the surface. Several days ago, a security researcher published a high-severity vulnerability named PwnKit that impacts most major Linux distributions. The scary part? It’s existed since May of 2009. Polkit is a component for controlling privileges in Unix-like operating systems and is included by default on most major Linux distributions.
The PwnKit vulnerability: Overview, detection, and remediation
On January 25, 2022, Qualys announced the discovery of a local privilege escalation vulnerability that it identified as PwnKit. The PwnKit vulnerability affects PolicyKit’s pkexec, a SUID-root program installed by default on many Linux distributions. The same day of the announcement, a proof of concept (PoC) exploit was built and published by the security research community.
RFDiscussion #3 - AWS IAM Join Tokens
Deep dive into how Teleport uses a new IAM join method to makes it easier to enroll a fleet of servers into Teleport.
What a Modern Privileged Access Management (PAM) Solution for Cloud-Native Applications Looks Like
Privileged Access Management (PAM) is a go-to solution to prevent privilege misuse and insider threats, and limit malware propagation. After all, properly protecting and monitoring the keys to the kingdom is always a good practice. Privileged Access Management has been even more critical in recent times. With the advent of the cloud where infrastructure is provisioned with a single API call and authenticated with a single API key, the risk of someone misusing these credentials is far higher.
Elevate AWS threat detection with Stratus Red Team
A core challenge for threat detection engineering is reproducing common attacker behavior. Several open source and commercial projects exist for traditional endpoint and on-premise security, but there is a clear need for a cloud-native tool built with cloud providers and infrastructure in mind. To meet this growing demand, we’re happy to announce Stratus Red Team, an open source project created to emulate common attack techniques directly in your cloud environment.