A new kind of spam is being observed in the field that uses the browser notification feature to trick users into subscribing to sites that will in turn bombard users with notifications usually related to click or add profit schemes. Subscription notification request seen below: Browser notification subscription requests are a legitimate feature that allows visitors of a site to be notified when there is new content available. It saves users the need to constantly refresh or keep open browser tabs.

As one of the engineers on the Gravity team here at Gravitational, I was tasked with adding SELinux support to Gravity 7.0, released back in March. The result of this work is a base Kubernetes cluster policy that confines the services (both Gravity-specific and Kubernetes) and user workloads. In this post, I will explain how I built it, which issues I ran into, and some useful tips I’d like to share. Specifically, we will look at the use of attributes for the common aspects of the policy.

Vulnerability assessment is the process of identifying, classifying, and prioritizing security vulnerabilities in IT infrastructure. A comprehensive vulnerability assessment evaluates whether an IT system is exposed to known vulnerabilities, assigns severity levels to identified vulnerabilities, and recommends remediation or mitigation steps where required.

The Collection tactic outlines techniques an attacker will undertake in order to find and gather the data they need to meet their actions on objectives. I see most of these techniques as being useful for describing what a piece of malware or threat actor is up to rather than looking to them for guidance on how to mitigate and detect their actions.

It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon Data Breach Investigations Report!