Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Enabling Secure Kubernetes Multi-Tenancy with Calico Enterprise

Dec 15, 2020 By Tigera In Tigera

When you have different teams interacting with a Kubernetes cluster you need to think about the security, privacy, and observability challenges associated with multi-tenancy: How to provide each team with access to the specific resources they need, in a way that allows the team to be agile, without risking impacting other teams? In this session, we’ll explore the Kubernetes multi tenancy concepts and design patterns needed for successful enablement of multi-tenancy within your Kubernetes clusters using key capabilities of Calico Enterprise.

View Video

Tigera

Read more about Enabling Secure Kubernetes Multi-Tenancy with Calico Enterprise

Datadog on Serverless

Dec 15, 2020 By Datadog In Datadog

The Datadog Security Platform team leverages Serverless to ingest security events across many different cloud providers, deployment platforms, and devices. These security events are then transformed and shipped to a data lake to help defend and protect the platform as a whole. Once there, these ingested events are used to drive internal investigations, create internal security alerts, and reason about security incidents.

View Video

Datadog

Read more about Datadog on Serverless

Elastic Security provides free and open protections for SUNBURST

Dec 15, 2020 By Devon Kerr In Elastic

On December 13, SolarWinds released a security advisory regarding a successful supply-chain attack on the Orion management platform. The attack affects Orion versions 2019.4 HF 5 through 2020.2.1, software products released between March and June of 2020. Likewise, on December 13, FireEye released information about a global campaign involving SolarWinds supply-chain compromise that affected some versions of Orion software.

Read Post

Elastic

Read more about Elastic Security provides free and open protections for SUNBURST

3 Tips for MSPs to Handle Cyber Attacks

Dec 15, 2020 By AlertOps In AlertOps

Managed service providers (MSPs) face ransomware, malware, and other cyber attacks — and these issues can affect both MSPs and their clients. To understand the full impact of an MSP cyber attack, let’s examine the topic in more detail. Businesses use MSPs to manage IT infrastructure and other resources. In doing so, businesses outsource the maintenance and care of applications, networks, security, and other aspects of their IT operations to a third-party.

Read Post

AlertOps

Read more about 3 Tips for MSPs to Handle Cyber Attacks

Logit.io Achieves PCI Service Provider Compliance

Dec 15, 2020 By Eleanor Bennett In Logit.io

We’re happy to announce that we’ve successfully completed PCI (Payment Card Industry Data Security Standard) Service Provider Certification. This means that at Logit.io we are committed to the security of storing, processing and transmitting credit card transactions.

Read Post

Logit.io

Read more about Logit.io Achieves PCI Service Provider Compliance

SUNBURST Backdoor: What to look for in your logs now - Interview with an incident responder

Dec 15, 2020 By Lennart Koopmann In Graylog

Yesterday, FireEye published a report about a global intrusion campaign that utilized a backdoor planted in SolarWinds Orion. Attackers gained access to the download servers of Orion. They managed to infect signed installers downloaded by Orion users who had all reason to believe that the packages are safe and had not been tampered with. With this information out in the world, teams are scrambling to investigate if their environments are affected by this breach.

Read Post

Graylog

Read more about SUNBURST Backdoor: What to look for in your logs now - Interview with an incident responder

Coordinated disclosure of XML round-trip vulnerabilities in Go's standard library

Dec 14, 2020 By Juho Nurminen In Mattermost

This blog post is a part of Mattermost’s public disclosure of three serious vulnerabilities in Go’s encoding/xml related to tokenization round-trips. The public disclosure comes as a result of several months of work, including collaborating with the Go security team since August 2020 and with affected downstream project maintainers since earlier this month.

Read Post

Mattermost

Read more about Coordinated disclosure of XML round-trip vulnerabilities in Go's standard library

Securing Your Expanding Network Perimeter

Dec 14, 2020 By Brandon Shopp In SolarWinds

Cybersecurity attacks, such as ransomware and phishing scams, have delivered crippling IT blows in the public sector for some time. And here’s the bad news—these attacks have proliferated in the days of COVID-19. A new report from Google found a 350% increase in phishing attacks since the beginning of the year. To better defend against today’s cyberattacks, state and local governments are increasingly exploring the benefits of software-defined networking (SDN).

Read Post

SolarWinds

Read more about Securing Your Expanding Network Perimeter

Netreo Platform Security

Dec 14, 2020 By Netreo In Netreo

Now, more than ever, Information Security is a topic that should not be taken lightly. All organizations are vulnerable through technology and it is imperative that risk is managed on a daily basis. Netreo realizes the only way to safeguard against threats is to take a holistic approach to managing our technology, people, and processes.

Read Post

Netreo

Read more about Netreo Platform Security

Using Splunk to Detect Sunburst Backdoor

Dec 14, 2020 By Ryan Kovar In Splunk

TL;DR: This blog contains some immediate guidance on using Splunk Core and Splunk Enterprise Security to protect (and detect activity on) your network from the Sunburst Backdoor malware delivered via SolarWinds Orion software. Splunk’s threat research team will release more guidance in the coming week. Also please note that you may see some malicious network activity but it may not mean your network is compromised. As always review carefully.

Read Post