Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Other Crowdstrike Outage

On July 19, 2024, a flawed update in CrowdStrike Falcon's channel file 291 led to a logic error that caused Windows systems to crash, resulting in widespread BSOD (Blue Screen of Death) incidents. The impact was severe, disrupting critical infrastructure globally, from grounded flights to halted public transit systems. In fact, you’d have to have been living under a rock to have missed this incident.

Linux For Beginners

Welcome to the world of Linux! This blog will take you on a step-by-step journey on how to get familiar with Linux if you are a new user. By the end, you'll have an understanding of Linux and how to use it effectively. Linux is an open-source operating system that manages your computer's hardware and software resources. Unlike proprietary systems like Windows and macOS, Linux is free to use, modify, and distribute.

Ubuntu 20.04 vs 22.04: Comparing features and performance

Jump to Tutorial Ubuntu is a popular Linux distribution that has been adopted by many system administrators, developers, or everyday users who are searching for a robust and open-source operating system. Each version of Ubuntu brings new features, improvements and sometimes there are certain changes in system requirements.

New Linux Variant of Play Ransomware Targeting VMware ESXi Systems

In a recent development, cybersecurity researchers have identified a new Linux variant of the notorious Play ransomware, also known as Balloonfly and PlayCrypt. This variant specifically targets VMware ESXi environments, signaling a strategic expansion by the threat actors behind it. Trend Micro's report published on Friday highlights the potential for a broader victim pool and more effective ransom negotiations as a result of this evolution.

eBPF use cases

What is eBPF and how can it be used within the Kubernetes environment? In the dynamic world of container orchestration, where speed and adaptability are a must, eBPF, short for Extended Berkeley Packet Filter, has changed how developers interact with kernels within Kubernetes environments. At its core, eBPF crosses traditional boundaries, offering a programmable and secure in-kernel execution environment that empowers developers to use custom code without the need for modifications to the kernel itself.

eBPF: Enabling Security and Performance to Co-Exist

Today, most organizations and individuals use Linux and the Linux kernel with a “one-size-fits-all” approach. This differs from how Linux was used in the past–for example, 20 years ago, many users would compile their kernel and modify it to fit their specific needs, architectures and use cases. This is no longer the case, as one-size-fits-all has become good enough. But, like anything in life, “good enough” is not the best you can get.

How to Enhance Ubuntu Security: Advanced Features and Techniques

Jump to Tutorial Ubuntu, a popular Linux distribution, is known for its robust security features. There is always space for improvement once you install a fresh operating system, so in this article, we will guide you through the advanced techniques and features to enhance the security of the latest Ubuntu 24.04 version. There are multiple layers of security that Ubuntu offers out of the box, but we can implement additional steps that can further protect your system from threats.

Reverse engineering eBPF programs

eBPF is one of the most widely used technologies in today’s computing ecosystem, starting from the cloud sector up to routing and tracing in companies like Cloudflare. Many companies are basing and transforming their core products to use eBPF as an alternative to kernel modules because of all the benefits it offers both on the business side and technological side. Since this shift is gaining a lot of momentum I wanted to shed some light on eBPF.

A Deep Dive into SELinux

Security-Enhanced Linux (SELinux), initially known for its perceived complexity in configuration and maintenance, has evolved into an indispensable security architecture across most Linux distributions. It empowers administrators to finely control the actions permitted to individual users, processes, and system daemons, thereby bolstering defense against potential security breaches.