The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Chances are you’ve heard of traditional credential-based attacks on Active Directory (AD) and cloud applications—brute force attacks, dictionary attacks, and keylogging, to name a few. There’s now another attack type you should familiarize yourself with: password spray attacks. In this blog, we’ll analyze why you should be wary of them and the best way to tackle them.
For our tech-minded readers, we strongly recommend you read the suggested articles in the US-CERT notification for detailed examples of how the hijacking takes place, for the rest of you, we’ve put together a summary of how the multifaceted attacks work.
Kubernetes Pod Security Policy is a mechanism to enforce best security practices in Kubernetes. In this tutorial, we will explain how to enable Kubernetes Pod Security Policy across your cluster using kube-psp-advisor to address the practical challenges of building an adaptive and fine-grained security policy on Kubernetes in production.
Data breaches come in all shapes, sizes, and levels of exposure. They can range from a couple of log files unintentionally left available to the public to the leak of hundreds of thousands of users’ personally identifiable information (PII). Don’t think that just because you have a secure network, a leak can’t happen to you.
When we talk about cloud providers, we often forget that not all data is the same — even in the same application, while we might think of this data as from a “financial application” or a “computation process”, the reality is that each data set has subsets upon subsets, and thus require specific applications to manage them.
Phishing happens. It is probably happening as you read this. Right now, some well-defended company is having data under its care exposed. This data may contain sensitive information, such as login credentials, and in many cases, it is only known that an attack of this type has taken place after the fact. Protecting yourself and your employer against phishing attacks relies foremost on critical thinking; however, there are some business processes and technologies that can help.
One of the key Kubernetes security concepts is that workload identity is tied back to information that the orchestrator has. The orchestrator is actually the authoritative entity for what the actual workloads are in the platform. Kubernetes uses labels to select objects and to identify collections of objects that satisfy certain conditions. We, and others in the Kubernetes networking space, often talk about using Kubernetes ‘labels’ as identity bearers.
If you maintain a regular practice of keeping log data, you probably have an established way of observing event logs in real time or you do it by using batch processing. There are two ways you can monitor event logs: manually and automatically. By monitoring event logs, you can gain deeper insight into system metrics, localize process bottlenecks, and detect security vulnerabilities. What are some other advantages of event log monitoring, and how can you get the most out of it?
