We explored the Red Hat State of Kubernetes security report 2024, one of our favorite yearly reports. It’s jam-packed with incredibly fascinating information about one of our favorite subjects—Kubernetes security. Imagine that! In this post we’ll review some of the more interesting data points and contrast them with results from prior years. We’ll also discuss our own perspectives and observations on how this affects you as a Kubernetes user.

Identity theft is a concern for everyone living in the digital age. By stealing someone’s identity, a criminal can gain access to their credit cards and financial accounts or apply for credit using the victim’s identity. The compromise of your identity can lead to numerous troubling circumstances. Cybercriminals have learned to leverage identity theft to access vast amounts of personal and sensitive information within digital enterprises.

TLDR: The ways that organizations find and fix security exposures have been flawed for years. Traditional vulnerability management (VM) programs have failed to address the core issues. What’s worse, the relatively new category of External Attack Surface Management (EASM) has not solved the problems it aimed to solve. But hope, in the form of Exposure Management, is on the way.

Artificial intelligence has taken over almost every aspect of our everyday lives. In cybersecurity, generative AI models with natural language processing are commonly being used to predict, detect, and respond to threats. But AI security assistants, although an upgrade from traditional machine learning, only provide very basic queries and summarization, which is insufficient to fully comprehend modern cloud attacks. As part of an ongoing effort to improve the cloud detection and response (CDR) experience,

Cybercriminals are notorious for their opportunism. No situation is off limits: whether they exploit conflict and human suffering, blackmail vulnerable individuals by threatening to leak therapy notes, or even bring healthcare organizations to their knees, cybercriminals will stop at nothing to make a quick buck. Hurricane season is a particularly lucrative time of year for cybercriminals.

The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports. The CSA’s report found that cybercriminals are selling tools that automate these attacks, allowing unskilled threat actors to launch sophisticated attacks.

This week, I’m excited to announce Cloud Enrichment for AWS, GCP, and Azure. These enhancements are designed to accelerate incident response and unlock threat hunting capabilities by automatically combining the insights of your cloud network with the native control plane data from your cloud service provider.

The current state of OT/IOT security is being repainted with a new coat of risk. The shade of color? Cellular routers and the vulnerabilities within firmware. In our new report with Finite State, our joint research explores the risks organizations face within the software supply chains of OT/IoT routers. Hardware has firmware – operational software – within its memory components.

LevelBlue Labs has identified a new evolution in the toolset of threat actors. Threat actors are hijacking legitimate anti-virus software to carry out malicious activities undetected. A new tool, named SbaProxy, has been found masquerading as legitimate anti-virus components to establish proxy connections through a command and control (C&C) server.

In any retail-facing crypto business, the withdrawal process is one of the most critical and active functions. Users rely on it to move their funds swiftly and securely, whether they’re making a purchase, sending money to a friend, or transferring assets to another account. When users deposit money into your crypto application, they expect to access and withdraw their funds easily whenever they need them.