Kubernetes CVE-2018-1002105

On December 3rd a critical Kubernetes vulnerability was announced under CVE-2018-1002105. This vulnerability scored a 9.8 out 10 on the Common Vulnerability Scoring System (CVSS). The vulnerability stems from an issue with Kubernetes API Server (kube-apiserver) handling proxy requests when upgrading to WebSockets. The vulnerability ultimately can allow authenticated and unauthenticated users to make API […]

Read More…

Cloud Security This Week – December 14, 2018

New from Lacework AWS Spot Instance and Cloud Security All cloud providers have some type of a compute product offering which lets the user bid for the resource they need to complete or for more tasks. Amazon web services has led the way, offering a low cost EC2 usage option called Spot Instance. The model […]

Read More…

Cloud Security This Week – November 30, 2018

  At the risk of sounding like an alarmist, the fact is that this week was an absolute doozy for security-watchers. Leading off with the massive breach of 500 million Starwood customer records, to evidence that NSA hacking tools are still being used for nefarious purposes, it makes one question if we’re getting any better […]

Read More…

ELF of the Month_ Linux DDoS Malware Sample

ELF of the Month: Linux DDoS Malware Sample

Each month we take a look at a malicious Executable and Linkable Format (ELF) file, the common executable file format for Unix and Unix-like Operating Systems, and share details about the sample. In this edition of ELF of the Month we take a look at a Linux DDoS sample recently uploaded to VirusTotal. This particular […]

Read More…

Next Generation Firewall is Your Grandfather’s Generation in the Cloud

I have been in security for a long time. Seeing the firewall replaced with the “Next Generation Firewall” signaled a big milestone as we went from a model that focused on IP addresses to one that targeted applications, users and content. It was a major shift that provided a lot more visibility and context on […]

Read More…