It’s not a mystery that eBPF (Extended Berkeley Packet Filter) is a powerful technology, and given its nature, it can be used for good and bad purposes. In this article, we will explore some of the offensive capabilities that eBPF can provide to an attacker and how to defend against them.
The Sysdig Threat Research Team (TRT) recently discovered a new, financially motivated operation, dubbed LABRAT. This operation set itself apart from others due to the attacker’s emphasis on stealth and defense evasion in their attacks. It is common to see attackers utilize scripts as their malware because they are simpler to create. However, this attacker chose to use undetected compiled binaries, written in Go and.NET, which allowed the attacker to hide more effectively.
The Sysdig Threat Research Team (Sysdig TRT) recently discovered a new Freejacking campaign abusing Google’s Vertex AI platform for cryptomining. Vertex AI is a SaaS, which makes it vulnerable to a number of attacks, such as Freejacking and account takeovers. Freejacking is the act of abusing free services, such as free trials, for financial gain. This freejacking campaign leverages free Coursera courses that provide the attacker with no-cost access to GCP and Vertex AI.
The Gartner 2021 Hype Cycle for Cloud reports 99% of breaches start with cloud misconfigurations. Thus, having a philosophy of protecting just traditional endpoints – servers, laptops, desktop PCs, and mobile devices – with EDR (Endpoint Detection and Response) software is not enough. Sysdig has teamed up with multiple security organizations in the cloud security ecosystem to offer comprehensive security solutions.
Organizations modernizing applications in the cloud find themselves drowning in vulnerabilities. There are too many alerts and not enough time to address them all. Sysdig and Checkmarx announced a partnership today focused on solving this problem.
The second annual threat report from the Sysdig Threat Research Team (Sysdig TRT) is packed with their findings and analysis of some of the hottest and most important cybersecurity topics this year. Threat actors are really embracing the cloud and are using it to their advantage to evade detection and speed up their attacks.
Over the last decade, many vulnerabilities were initially perceived as critical or high but later deemed less important due to different factors. One of the famous examples was the “Bash Shellshock” vulnerability discovered in 2014. Initially, it was considered a critical vulnerability due to its widespread impact and the potential for remote code execution.
The way we manage our money has changed dramatically. In little more than a decade, we’ve gone from branch-led services to feature-rich apps offering 24/7 access to our money. Open Banking is driving product innovation, fintechs are setting a new benchmark for customer-centric experiences, and AI is taking personalization to a new level. Financial services have never been so accessible and convenient.
“What’s New in Sysdig” is back with the July 2023 edition! My name is Curtis Collicutt, based in Toronto, Canada, and the Sysdig team is excited to share our latest feature releases with you. This month, Sysdig Secure Live has been enabled for all the users!
As competition ramps up in the financial services sector, agile and efficient application development is critical to delivering the seamless digital experiences today’s customers want. Chances are, if you’re not already moving applications to cloud and containers, you’re considering it. But cloud-native development also brings security and compliance implications you may not have fully thought through.
