Operations | Monitoring | ITSM | DevOps | Cloud

Cyberattacks

Kubernetes security issues: An examination of major attacks

In a never-ending game of cat and mouse, threat actors are exploiting, controlling and maintaining persistent access in compromised cloud infrastructure. While cloud practitioners are armed with best-in-class knowledge, support, and security practices, it is statistically impossible to have a common security posture for all cloud instances worldwide. Attackers know this, and use it to their advantage. By applying evolved tactics, techniques and procedures (TTPs), attackers are exploiting edge cases.

Annual SolarWinds Study Reveals Opportunities for Business and IT Collaboration in Managing Enterprise Risk Driven by Internal and External Security Threats

SolarWinds IT Trends Report 2021: Building a Secure Future examines how technology professionals perceive the evolving state of risk in today's business environment following internal impact of COVID-19 IT policies and exposure to external breaches. SolarWinds introduces Secure by Design program as a guide for industry-wide approach to help prevent future cyberattacks.

Malware alert: The RedXOR and Mamba attacks and how to defend against them

Picture this: It’s a normal day of working from home as usual since the COVID-19 outbreak. After that satisfying cup of coffee, you log in. But something is wrong. No matter how many times you click, your files don’t open. Your screen is frozen and refuses to budge. And then, you see one of the worst nightmares any IT admin can imagine: “Oops, your files have been encrypted. But don’t worry, we haven’t deleted them yet.

Hard reflection on the cyberattack on Kaseya

Imagine being offered an electronic lock for your front door. One that allows you to open the door through a mobile application in the cloud, would you accept it? They promised that they would never lose the key, that with the app your would be able to open the door remotely and even through a webcam in the peephole, the device will be able to recognize your face and welcome you.

Kaseya VSA Cyberattack: A Statement on Solidarity from N-able CSO Dave MacKinnon

The recent Kaseya VSA cyberattack is an important reminder of how security works best when we approach it as a community. The adversarial pivot to supply chain-based attacks for delivering ransomware underscore the role we all must play in helping to keep each other protected.

Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt

When Splunk told me we would have a “breach holiday” theme for the summer, I didn’t think it would be quite so on the nose… For those of you who have been working on this Kaseya REvil Ransomware incident over the weekend, I salute you. We’ve been doing the same. As usual, my team here at Splunk likes to make sure that we have some actionable material before posting a blog, and this time is no different.

Secure Software Development: How to Check Your Code

In May of 2021, a cybercrime organization called DarkSide successfully locked operators of the Colonial Pipeline, which supplies the east coast with 45% of its petroleum fuel, out of their own software system with a type of malware called "ransomware." True to its name, ransomware returns access to your software (in theory) if you pay a ransom. The result-fuel supplies collapsed across the eastern United States, with gas lines, price spikes, and panic. People began hoarding gasoline in states not even served by the Colonial Pipeline. The US government passed emergency legislation. Even DarkSide seemed shocked at the impact of their cyberattack.

Secure By Design | The CISO Perspective

CDW Technology Vice President & Chief Information Security Officer Ruben Chacon, SolarWinds® CISO and VP, Security Tim Brown, and SolarWinds Head Geek Thomas LaRock talk about what the CISO needs to know to face today’s escalating cybersecurity threats – and what it’s like to be in the “hot seat” when challenges inevitably arise.

Secure Factory: Time to Step Up for the Manufacturing Industry

The ongoing news of massive cyberattacks on manufacturing and energy companies has been a wake-up call. Operational Technology (OT) Security had not been on the radar of many CISOs and plant managers until they got hit. After reacting in a defensive mode last year it is time to step up with a proactive security strategy including OT. Secure Factory by Splunk helps manufacturing companies better understand and address their unique security challenges.

Cryptomining Attacks on Kubeflow: What You Need to Know

Microsoft recently reported two widespread cryptomining attacks targeting Kubeflow, a popular cloud-native platform for machine learning (ML) workloads on Kubernetes. Attackers targeted Kubeflow installations using either the Kubeflow central dashboard interface or Kubeflow Pipelines interface for scheduling crypto-mining workloads.