Threat Research, Cloud Security, Kubernetes & Container Security
CVE-2023-38545: High Severity cURL Vulnerability Detection
Critical Vulnerability in Spring Core: CVE-2022-22965 a.k.a. Spring4Shell
After the Spring Cloud vulnerability reported yesterday, a new vulnerability called Spring4Shell (CVE-2022-22965) was reported on the very popular Java...
Detecting and Mitigating CVE-2022-22963: Spring Cloud RCE Vulnerability
Today, researchers found a new HIGH vulnerability on the famous Spring Cloud Function leading to remote code execution (RCE). The...
Kubernetes & Container Security, Threat Research
Practical Guide for DFIR Kubernetes
Containerization has gone mainstream, and Kubernetes won out as the orchestration leader. Building and operating applications this way provides massive...
Threat Research, Sysdig Features
Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer
On March 22, the hacking group Lapsus$ published a Twitter post with a number of screenshots taken from a computer...
How to be prepared for Cyber Warfare Attacks
On March 21st, President Biden released a warning about the possibility of Russian cyber warfare attacks against targets in the...
Threat Research, Kubernetes & Container Security, Open Source
Mitigating CVE-2022-0811: Arbitrary code execution affecting CRI-O
A new vulnerability, CVE-2022-0811, alias cr8escape, with CVSS 8.8 (HIGH), has been found in the CRI-O container engine by CrowdStrike....
Threat Research, Kubernetes & Container Security
CVE-2022-0847: “Dirty Pipe” Linux Local Privilege Escalation
Right on the heels of CVE-2022-4092, another local privilege escalation flaw in the Linux Kernel was disclosed on Monday, nicknamed...
Cloud Security, Open Source, Threat Research
Real-Time Threat Detection in the Cloud
Organizations have moved business-critical apps to the cloud and attackers have followed. 2020 was a tipping point; the first year...
CVE-2022-0492: Privilege escalation vulnerability causing container escape
Linux maintainers disclosed a privilege escalation vulnerability in the Linux Kernel. The vulnerability has been issued a Common Vulnerability and...
Kubernetes & Container Security, Open Source, Threat Research
Triaging a Malicious Docker Container
Malicious Docker containers are a relatively new form of attack, taking advantage of an exposed Docker API or vulnerable host...
Detecting and mitigating CVE-2021-4034: “Pwnkit” local privilege escalation
A new advisory from Qualys discloses a local privilege escalation bug in SUID-set program ‘pkexec’. The flaw has been designated...