Collaborate Disseminate
In this Help Net Security video, Assaf Morag, Lead Threat Intelligence Analyst at Aqua Security, discusses research that discovered openly accessible and unprotected Kubernetes clusters belonging to more than 350 organizations, open-source projects, an… Continue reading Kubernetes clusters face widespread attacks across numerous organizations
By Habiba Rashid
Aquasec Investigation Exposes Alarming Rise in Kubernetes Misconfigurations Leading to Catastrophic Breaches.
This is a post from HackRead.com Read the original post: Cryptomining and Malware Flourish on Misconfigured Kubernetes Clusters
Continue reading Cryptomining and Malware Flourish on Misconfigured Kubernetes Clusters
An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered. Administrators in charge of Apache Superset instances should check whether the… Continue reading Common insecure configuration opens Apache Superset servers to compromise
Netwrix announced additional findings for the financial and banking sector from its global 2022 Cloud Security Report. Compared to other industries surveyed, financial institutions are much more concerned about users who have legitimate access to their… Continue reading Financial organizations more prone to accidental data leakage
In this interview with Help net Security, Brad Jones, VP of Information Security at Seagate Technology, talks about cybersecurity trends organizations will be dealing with soon, particlularly concerning cloud misconfiguration, data classification, soft… Continue reading The cybersecurity trends organizations will soon be dealing with
Titania launched an independent research report that uncovers the impact of exploitable misconfigurations on the security of networks in the US federal government. The study, “The impact of exploitable misconfigurations on the security of agencies’ net… Continue reading Security “sampling” puts US federal agencies at risk
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, application development and mobile app security, social engineering and phishin… Continue reading Risk management focus shifts from external to internal exposure
Censys launched its State of the Internet Report, a holistic view into internet risks and organizations’ exposure to them. Through careful examination of which ports, services, and software are most prevalent on the internet and the systems and regions… Continue reading Organizations should fear misconfigurations more than vulnerabilities
Network professionals feel confident with their security and compliance practices but data suggests that they also leave their organizations open to risk, which is costing a significant amount of revenue, according to Titania. In addition, some busines… Continue reading The impact of exploitable misconfigurations on network security
Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server servers vulnerable to CVE-2021-42321 exploitation are the most common exploit … Continue reading The most common exploit paths enterprises leave open for attackers