Threat Research 
How to detect the containers’ escape capabilities with Falco
Attackers use container escape techniques when they manage to control a container so the impact they can cause is much…
June 21, 2022 by Stefano Chierici
Threat Research
← Blog Homepage
Breaking down firewalls with BPFDoor (no e!) – How to detect it with Falco
BPF (not eBPF), typically viewed from a defender/sysadmin’s perspective, provides easy access to network packets and the ability to take…
June 9, 2022 by Nicholas Lang
Detecting and mitigating CVE-2022-26134: Zero day at Atlassian Confluence
A new zero day vulnerability actively exploited in the wild has been found in Atlassian Confluence. The vulnerability CVE-2022-26134 affects…
June 3, 2022 by Alberto Pellitteri
How to use Atomic Red Team to test Falco rules in K8s
The best way to know if something works is to try it out. Ensuring that your security products are actually…
May 31, 2022 by Jason Avery
How to detect TOR network connections with Falco
TOR was created with the idea of anonymizing connections across the Internet, but as in other instances, this can be…
May 26, 2022 by Jason Donahue
Killnet cyber attacks against Italy and NATO countries
On May 11, several Italian institutional websites, including the Italian Senate, the Ministry of Defense, and the National Institute of…
May 18, 2022 by alessandro.brucato
Trends at Blackhat Asia 2022 – Kubernetes, Cloud Security and more
This week, BlackHat Asia 2022 took place in hybrid mode. It’s one of the most important events within the #infosec…
May 13, 2022 by Miguel Hernández
Compromising read-only containers with fileless malware
Containers provide a number of security features that are not simply available on a normal host. One of those is…
May 3, 2022 by Nicholas Lang
Are vulnerability scores misleading you? Understanding CVSS severity and using them effectively
Vulnerabilities are everywhere. Vetting, mitigating, and remediating them at scale is exhausting for security practitioners. Let’s keep in mind that…
April 20, 2022 by Miguel Hernández
Critical Vulnerability in Spring Core: CVE-2022-22965 a.k.a. Spring4Shell
After the Spring cloud vulnerability reported yesterday, a new vulnerability called Spring4shell CVE-2022-22965 was reported on the very popular Java…
March 31, 2022 by Stefano Chierici
Detecting and Mitigating CVE-2022-22963: Spring Cloud RCE Vulnerability
Today, researchers found a new HIGH vulnerability on the famous Spring Cloud Function leading to remote code execution (RCE). The…
March 30, 2022 by Stefano Chierici
Digital Forensics Basics: A Practical Guide for Kubernetes DFIR
Containerization has gone mainstream, and Kubernetes won out as the orchestration leader. Building and operating applications this way provides massive…
March 29, 2022 by Alberto Pellitteri
Topics
-
Cloud Security (47)
-
Compliance (19)
-
Kubernetes & Container Security (67)
-
Monitoring (39)
-
Open Source (42)
-
Sysdig Features (77)
-
Threat Research (42)
Subscribe and get notified of new blogs