Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

The Hidden Economy of Open Source Software

The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security. While it is often not consumer-facing, open-source software is a critical component of computing and internet functions, such as secure communications between machines.

Nine Docker pro tips for Node.js developers

If you spend quite a bit of time in the command line, working with Docker images and containers locally to build and test them, you might be in the mood for some power-user Docker commands. We're skipping the basics and diving straight into the lesser-known yet highly effective commands that can significantly improve your Docker experience.

CVE-2024-3094 Exposed: A Guide to Overcoming XZ/liblzma and Similar Threats Using Calico

Before we start this blog post, let’s acknowledge that the only way to secure your environment from any vulnerability is to update the vulnerable hardware or software with patches that the author or the project community releases. Every other form of mitigation is only a way to provide an extended time for critical applications that cannot be updated immediately.

Building Honeypots with vcluster and Falco: Episode II

In the previous article, we discussed high-interaction honeypots and used vcluster to build an intentionally-vulnerable SSH server inside of its own cluster so it couldn’t hurt anything else in the environment when it got owned. Then, we installed Falco on the host and proceeded to attack the SSH server, watching the Falco logs to see the appropriate rule trigger when we read /etc/shadow.

RUBYCARP: A Detailed Analysis of a Sophisticated Decade-Old Botnet Group

The Sysdig Threat Research Team (Sysdig TRT) recently discovered a long-running botnet operated by a Romanian threat actor group, which we are calling RUBYCARP. Evidence suggests that this threat actor has been active for at least 10 years. Its primary method of operation leverages a botnet deployed using a variety of public exploits and brute force attacks.

Prevent Data Exfiltration in Kubernetes: The Critical Role of Egress Access Controls

Data exfiltration and ransomware attacks in cloud-native applications are evolving cyber threats that pose significant risks to organizations, leading to substantial financial losses, reputational damage, and operational disruptions. As Kubernetes adoption grows for running containerized applications, it becomes imperative to address the unique security challenges it presents.

Securing the Modern Enterprise: Unified Microsegmentation and Observability with Calico

In the ever-evolving landscape of enterprise networks, the traditional approach of relying on a fortified perimeter to secure internal assets faces significant challenges. The dichotomy of a trusted internal network and an untrusted external environment, enforced by perimeter defenses, has been a longstanding strategy.

Shielding Your Kubernetes Kingdom: Safeguarding with Rubrik Protection

In the landscape of modern application development and deployment, Kubernetes has transcended its adoption phase to become a cornerstone technology for organizations worldwide. According to the Cloud Native Computing Foundation (CNCF), a staggering 96% of organizations are actively using or evaluating Kubernetes, with over 5.6 million developers worldwide embracing its capabilities.