Operations | Monitoring | ITSM | DevOps | Cloud

If you thought masked hackers in dark rooms spreading malware were your only security concern, think again. In its Insider Threat Report for 2018, Crowd Research Partners brought to light that almost 90 percent of organizations find themselves vulnerable to insider threats. What’s worse is that 50 percent of these organizations experienced an insider attack in 2018.

Earlier today, CVE-2019-5736 was announced regarding a runC container breakout. Given the high CVSS rating of 7.2, it is imperative to quickly patch your systems.

Chances are you’ve heard of traditional credential-based attacks on Active Directory (AD) and cloud applications—brute force attacks, dictionary attacks, and keylogging, to name a few. There’s now another attack type you should familiarize yourself with: password spray attacks. In this blog, we’ll analyze why you should be wary of them and the best way to tackle them.

For our tech-minded readers, we strongly recommend you read the suggested articles in the US-CERT notification for detailed examples of how the hijacking takes place, for the rest of you, we’ve put together a summary of how the multifaceted attacks work.

Kubernetes Pod Security Policy is a mechanism to enforce best security practices in Kubernetes. In this tutorial, we will explain how to enable Kubernetes Pod Security Policy across your cluster using kube-psp-advisor to address the practical challenges of building an adaptive and fine-grained security policy on Kubernetes in production.

Data breaches come in all shapes, sizes, and levels of exposure. They can range from a couple of log files unintentionally left available to the public to the leak of hundreds of thousands of users’ personally identifiable information (PII). Don’t think that just because you have a secure network, a leak can’t happen to you.