Kubernetes posture management - no time to waste time
Five months ago, we decided to release a posture management solution for K8s and make it open source for everyone to enjoy it.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
What are the Types of Cyber Security Vulnerabilities?
As the threat landscape changes and advances with time, being able to address the most common types of cyber security vulnerabilities has gained the utmost importance. In this article, we will consider various types of cyber security vulnerabilities and how you can mitigate them. As information becomes an organization’s most important asset, cyber security gains increasingly more priority.
VoIP Security. How secure is your VoIP?
For over a century we have seen voice communication being made over Public Switched Telephone Network (PSTN), but since the past decade or two Voice over IP (VoIP) has been introduced and quickly adopted throughout the world for making business phone calls.
Cybersecurity Architecture: A Complete Guide to Preparing Your Organization for a Cyberattack
What is cybersecurity architecture? Is your company's cybersecurity architecture prepared for the future? This video will give you everything you need to know about how to prepare your organisation and make sure it is ready for any threats in the years ahead. Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.
Weekly Cyber Security News 24/12/2021
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Anyone fancy a bit of a challenge? USA citizens only though…
Log4Shell PoC exploit and mitigation demo on Kubernetes
Demonstration of an RCE against the Log4Shell / CVE-2021-44228 vulnerability on a PoC Java EE app running on Kubernetes. I also go over a few mitigation steps you can take to reduce your exposure to this and other such exploits. References mentioned in the video: Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Baselining and Hunting Log4Shell with the CrowdStrike Falcon Platform
Note: This post first appeared in r/CrowdStrike. First and foremost: if you’re reading this post, I hope you’re doing well and have been able to achieve some semblance of balance between life and work. It has been, I think we can all agree, a wild December in cybersecurity (again). At this time, it’s very likely that you and your team are in the throes of hunting, assessing and patching implementations of Log4j2 in your environment.
A Look Back at the Top Data Breaches of 2021
This past year was a banner year for cybercriminals. By the end of September, the Identity Theft Resource Center (ITCR) reported that the number of breaches that had taken place over the first three quarters of 2021 had exceeded the total number of breaches in 2020.
It takes a community: Responding to open source criticism post-Log4Shell
The last week has been a wild ride for just about everyone in the technology world due to the public disclosure of the Log4Shell vulnerability. As a developer security company, Snyk has built our business around proactive automation to identify and fix security issues in applications. To say we’ve been busy this week would be an understatement.