Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Recently, AWS expanded the scope of their AWSCompromisedKeyQuarantine policies (v2 and v3) to include new actions. This policy is used by AWS to lock down access keys that they suspect have been compromised. A common example of this process in action is when AWS automatically applies the quarantine policy to any keys found by scanning public GitHub repositories. This proactive protection mechanism can stop compromises before they happen.

Recently, Sysdig published a blog post about the ways businesses can harden their LLM-based AI applications using the OWASP Top 10 for Large Language Models. So why are we writing about MITRE ATLAS, and how is this any different from the OWASP Top 10 for LLMs?

Teleport provides a secure and scalable solution for managing namespace separation in Kubernetes clusters, streamlining compliance, and enabling financial institutions to maintain both resiliency and agility. Kubernetes has rapidly evolved from a tech buzzword to an indispensable backbone of modern infrastructure in the financial services industry — redefining how institutions scale, secure, and deliver their most critical applications.

On September 26th, 2024, details were released about several vulnerabilities in the Common Unix Printing System (CUPS) package. A total of four CVE’s (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177) have been released, affecting many Unix and Linux distributions. Three of the vulnerabilities are rated High, while one is rated Critical. If left unpatched, a remote attacker is able to execute arbitrary commands on the affected system.

Cloud attackers are swift and sophisticated, requiring robust threat detection and response programs that can keep pace with these malicious actors born in the cloud. They exploit the automation and scale of the cloud, along with new techniques, to accelerate all stages of an attack and inflict damage within minutes.

The European Union (EU) is leading the development of comprehensive cybersecurity regulations. These frameworks shape secure digital environments and protect businesses and citizens from cyber threats. For industry leaders and cybersecurity practitioners, especially those focused on cloud technologies, understanding and navigating these frameworks is key to maintaining compliance and gaining a competitive edge.

Disruptive technologies have a learning curve in the pace of adoption and implementation. Training and education tend to follow a slower schedule and can have a hard time keeping up with discoveries happening on the bleeding edge. This is part of what led to the current cloud security skill gap. The cloud transformed software development, accelerating innovation and the pace of human creativity. But, we now know that it also formed new security challenges.

Kubernetes today is the de facto standard for container orchestration, deployment automation, scaling, and management of containerized apps. The robustness and scalability of this open-source platform make it a valuable tool for businesses leveraging cloud-native technologies and DevOps practices. However, as with any technology that handles sensitive data and crucial operations, the importance of security in Kubernetes environments can’t be overstated.

Adversaries exploit security blind spots and sneak through traditional defenses to craft attacks that impact your operations, or even worse, your reputation. One recent example is the Revival Hijack supply-chain attack, where threat actors registered new PyPi projects with names of previously deleted packages. One way to counter this imminent threat is to “shift left,” or take ownership of the code’s security posture earlier in the development process.

Foundationally, the OWASP Top 10 for Large Language Model (LLMs) applications was designed to educate software developers, security architects, and other hands-on practitioners about how to harden LLM security and implement more secure AI workloads. The framework specifies the potential security risks associated with deploying and managing LLM applications by explicitly naming the most critical vulnerabilities seen in LLMs thus far and how to mitigate them.