Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We are happy to announce that Kubescape now integrates with GitHub Actions. This allows users to identify issues as early and as clearly as possible, without ever leaving GitHub. Read all about it 👇

TFiR has produced its brand-new video show called Let’s See. This is the first time that TFiR has come up with a demo show where we will get to see how some of the technologies and products work.

Cloud adoption and digital transformation have enlarged attack surfaces that can be exploited by malicious actors to harm your organization. Traditional SIEMs and EDRs fall short as they are not cloud-native and also difficult to scale. Further, there are inherent fixed costs that need to be considered when adopting any modern threat detection apparatus.

This article focuses on a critical missing component of Cloud Security Posture Management (CSPM): visibility into Kubernetes. Scroll down to read all you need to know about it.

Security in cloud providers like AWS is usually the highest priority. With EKS, unlike bring-your-own vanilla Kubernetes instances, you benefit from a data center and network architecture that is built to meet the requirements of the most security-sensitive organizations. To achieve this, one of the best ways is to use all the security layers we are capable of having. In this case, we will explain how to use GuardDuty and Falco to speed up threat detection.

The Sysdig Threat Research Team (TRT) recently discovered threat actors leveraging an open source tool called PRoot to expand the scope of their operations to multiple Linux distributions and simplify their necessary efforts. Typically, the scope of an attack is limited by the varying configurations of each Linux distribution. Enter PRoot, an open source tool that provides an attacker with a consistent operational environment across different Linux distributions, such as Ubuntu, Fedora, and Alpine.

The conflict between Russia and Ukraine includes a cyberwarfare component with government-supported threat actors and civilian hacktivists taking sides. The goals of disrupting IT infrastructure and utilities have led to a 4-fold increase in DDoS attacks between 4Q21 and 1Q22. Over 150,000 volunteers have joined anti-Russian DDoS campaigns using container images from Docker Hub.

Extortion can simply be defined as “the practice of obtaining benefit through coercion.“ Data and cloud extortion schemes occur when precious data and/or access is stolen by an attacker that promises to restore it through payment or other demands. In this article, we’ll cover some common or uncommon extortion schemes, and highlight ways to detect and avoid falling prey to demands.

The Kubernetes community is ready for the last release of 2022—version 1.26. Since its beginning, Kubernetes has been a place of constant change and improvement. The platform evolves and matures with every new API change and bug fix. In this release, there are 38 tracked enhancements in addition to a large number of bug fixes. In this article, we will focus on some highlighted enhancements, important deprecations, and removals so that you can be confident before upgrading your clusters.