Microsoft PowerShell is a ubiquitous piece of software. It’s also, unfortunately, a major attack vector for threat actors. Once a threat actor has initial access into a network, they can utilize the commands and scripts components of PowerShell to conduct reconnaissance or inject fileless malware into the network. This activity is so common it’s continually listed as one of the top tactics, techniques, and procedures (TTPs).

Sysdig’s seventh annual Cloud-Native Security and Usage Report identifies how customers are developing, using, and securing cloud-native applications and environments. We analyze data from millions of containers and thousands of accounts and publish the most pertinent information for you. Security practitioners and leaders look forward to this report to identify trends and make adjustments to their cloud security strategy.

As an integrator or government agency providing mission-critical software, the question to ask yourself is “Is my software development environment NIST SP 800-218 compliant?”. Compliance with NIST SP 800-218 and the SSDF (Secure Software Development Framework) is mandatory, and it’s time to ensure your software supply chain is compliant.

Today’s cybersecurity landscape poses one of the most significant risks to data. This holds true for organizations of all sizes, across all industries, tasked with protecting their most essential data amid an increasingly regulated environment and faster, more innovative adversaries. Recent years have introduced a steady drumbeat of new data privacy regulations. There are now 14 U.S. states that have passed privacy laws.

The US Federal Bureau of Investigation (FBI) has issued an alert warning that scammers are tricking victims into converting their savings into cash or precious metals, then sending couriers to pick up the items for safekeeping. The scammers then steal the goods and cut contact with the victims. The FBI says victims lost more than $55 million to these scams between May and December 2023.

New data for Q4 of 2023 reveals a sizable shift in the cyber threat landscape, with serious implications regarding ransomware and social engineering attacks targeting both the largest and smallest organizations worldwide. The good news is that ransoms continue to decline – according to the most recent Quarterly Ransomware Report from ransomware response vendor Coveware.

Snyk has discovered a vulnerability in all versions of Docker Buildkit <=v0.12.4, as used by the Docker engine. The exploitation of this issue can result in container escape to the underlying host OS when building an image using a malicious Dockerfile or upstream image (i.e. when using FROM). This issue has been assigned CVE-2024-23651.

Snyk has discovered a vulnerability in all versions of runc <=1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious image or building an image using a malicious Dockerfile or upstream image (i.e., when using FROM). This issue has been assigned the CVE-2024-21626.