Precious little about security, but interesting, nonetheless.
The post Alex Williams, Joe Beda, Sarah Novotny & Michael Rubin – ‘SIGs and the Kubernetes Community’ appeared first on Security Boulevard.
Another year done. You know what that means? It's time for the annual InfoSec Tweets Awards! This marks the 6th year running. As you long as you keep reading them, I'll keep writing them.
As in previous years, there are no actual awards. These are just funny or thought provoking tweets that I've "favorited" over the year (I still refuse to call them "likes"). As always, categories are completely arbitrary and I make them up as I go along...
Best Tweet Inspired by a Movie
"I could-a give you my word as a CISSP..." "No good. I've known too many CISSPs."— Corum (@Corum) August 25, 2017
Best Tweet About Passwords
Raise your hand if you use the same password for everything.
Allright, now use that hand to slap yourself in the face.#infosec— Khalil Sehnaoui (@sehnaoui) January 8, 2017
Best Tweet About Browsers
I'm not racist, I have lots of friends who run Edge.— egyp7 (@egyp7) January 13, 2017
Best Tweet About Twitter
forget the 💙, Twitter needs an "I feel your pain" button— b❆B Rudis (@hrbrmstr) July 16, 2017
Best Tweet About Pentesting
If you're a pentester, hacking skills might be what gets you the job but that's not what you're selling. Your work product is the report.— egyp7 (@egyp7) May 18, 2017
Best Tweet About Healthcare
"There's a joke about security in healthcare sector: "We value our privacy, but we'd like to be alive to enjoy it."" - @joshcorman CSS2017— Twinkle Royal Ribbon (@Infosecjen) June 28, 2017
Best Tweet About Food
We had cryptographic potatoes for dinner. They were salted and hashed.— Andromeda Yelton (@ThatAndromeda) March 12, 2017
Best Tweet on the Hacker Mindset
Them: "I'd run thru a brick wall for you, boss."Me: Love the attitude. But you're a hacker. You see a wall? Go over, go under, go around.
— J Wolfgang Goerlich (@jwgoerlich) January 28, 2017
Best Tweet to Combat Imposter Syndrome
Grace Hopper was 37 when she joined the Navy, 40-something when she pioneered the compiler, & 50-something when she wrote COBOL. https://t.co/2ax9JQvbUY— Sarah Mei (@sarahmei) February 27, 2017
Best Tweet with Practical Advice
If you want to frustrate Burp users, have certain keywords like "postgresql" randomly apear in hidden fields on the site. The SQLi scanner will go mad!— Robin (@digininja) November 27, 2017
Best Tweet on Marketing
Today in cyber-marketing-perfection:A suit of armor, made of plastic. pic.twitter.com/9P10tuTUNm
— haroon meer (@haroonmeer) June 7, 2017
Best Use of a Meme
I'm using this in so many presentations pic.twitter.com/9tO7XQWUeu— Amanda Berlin (@InfoSystir) August 31, 2017
Best Tweet of the Year! 🌠
You can have mine, but it's been stuck on 11 for years. Some folks say it's broken but I can never be sure.— Ben Jackson (@innismir) April 17, 2017
(you both get credit for this one-two punch)
That's a wrap for 2017. It's been an interesting year filled with record breaking breaches, crypto malware and the like. No doubt this has kept many of you busy and as the year winds down it's my hope that this annual post will give you a laugh or two . Feel free to comment below with any Twitter gems that I inevitably overlooked.
I wish you all health and happiness in 2018 and hope to see many of you soon.
Happy New Year!
The post 2017 InfoSec Tweet Awards appeared first on Security Boulevard.
As more IT management solutions move to the cloud, many IT admins have started wondering if the domain controller is going to make a similar move. Is there a SaaS...
The post SaaS Domain Controller appeared first on JumpCloud.
The post SaaS Domain Controller appeared first on Security Boulevard.
From a Republican National Committee contractor exposing voting data on nearly 200 million people to Equifax revealing a breach impacting […]
The post Recap: The Biggest Data Breaches of 2017 appeared first on Checkmarx.
The post Recap: The Biggest Data Breaches of 2017 appeared first on Security Boulevard.
漏洞概要 以下安全公告描述了在vBulletin5中发现的一个未经身份验证的文件包含漏洞,成功利用该漏洞可造成远程代码执行。 vBulletin也称为vB,由vBulletin Solutions公司基于PHP和MySQL开发,广泛用于搭建网络论坛。 vBulletin为许多网络大型的社交网站提供技术支持,数量超过10万,其中包括财富500强和Alexa Top 1M公司的网站和论坛。根据最新的W3Techs1统计,vBulletin 4拥有超过55%的vBulletin市场份额,而vBulletin 3和vBulletin 5则占剩下的45%。 漏洞提交者 一位独立的安全研究人员向 Beyond Security 的 SSD 报告了该漏洞 厂商响应 自2017年11月21日起,我们多次尝试联系vBulletin,但是暂时没有得到回复。目前,漏洞暂时还没有解决方案。 漏洞详细信息 vBulletin存在一个漏洞,导致远程攻击者可以从vBulletin服务器中包含任意文件并执行PHP代码。 未经身份验证的用户可以向/index.php发送GET请求,然后使用参数routestring =触发文件包含漏洞。 该请求允许攻击者向安装在Windows操作系统上的Vbulletin服务器创建精心制作的请求,并在Web服务器上包含任意文件。 /index.php 部分代码: [crayon-5a48956e976e8499982937/] 让我们仔细看看vB5_Frontend_Application :: init — /includes/vb5/frontend/application.php部分代码: [crayon-5a48956e976ef699978057/] 我们可以看到setRoutes()被调用 /includes/vb5/frontend/routing.php部分代码: [crayon-5a48956e976f2300464943/] 因此,如果我们的字符串不以’.gif,‘.png’,’.jpg’,’.css’或者‘.js’结尾并且不包含’/’字符,vBulletin会从vB5_Frontend_Controller_Relay中调用legacy() /includes/vb5/frontend/controller/relay.php部分代码: [crayon-5a48956e976fa261434075/] 如果我们从Api_Interface_Collapsed类中检查relay() /include/api/interface/collapsed.php部分代码: [crayon-5a48956e976fd577420656/] 正如我们所看到的,攻击者无法在$文件中使用“/”,所以不能在Linux上更改当前目录。但是对于Windows而言,可以使用’\’作为路径分隔符,通过PHP包含任意所需的文件(也可以使用’\ .. \’技巧)。 如果我们想包含扩展名为’.gif’,’.png’,’.jpg’,’.css’或’.js’这样的文件,需要绕过setRoutes()方法里面的过滤,绕过很容易,可以通过添加点(’.’)或空格(’%20’)到文件名来绕过。 完整的漏洞证明 我们可以通过发送下面的GET请求来检查服务器是否有漏洞: /index.php?routestring=.\\ 如果回显是: 那么服务器存在漏洞 如果我们想要在服务器上的任何文件中注入一个php代码,我们可以使用access.log例如: /?LogINJ_START=LogINJ_END … Continue reading SSD安全公告-vBulletin routestring未经验证的远程代码执行
The post SSD安全公告-vBulletin routestring未经验证的远程代码执行 appeared first on Security Boulevard.
In this article, a new injection technique which is named as “Process Doppelgänging,” is reviewed. This technique was unveiled in at the Black Hat Europe by two security researchers from...
Go on to the site to read the full article
The post Process Doppelgänging appeared first on Security Boulevard.
What is computer forensics? It is the science of locating, extracting, and preserving information/data from IT, wireless, and backup/storage devices. Later, this is used to determine the origin of...
Go on to the site to read the full article
The post Computer Forensics Certifications appeared first on Security Boulevard.
The post MobileMiner, iOS Cryptomining appeared first on Security Boulevard.
Historically, the authentication process has been controlled by an on-prem identity provider. For most organizations, that has been Microsoft Active Directory®. But, as the IT landscape changes, IT organizations have...
The post Outsourced Authentication appeared first on JumpCloud.
The post Outsourced Authentication appeared first on Security Boulevard.
Introduction: Mobile forensics is a branch of digital forensics related to the recovery of digital evidence from mobile devices. “Forensically sound” is a term used extensively in the...
Go on to the site to read the full article
The post Mobile Forensic Process: Steps and Types appeared first on Security Boulevard.
Cybersecurity, cyber-terrorism, and cyber defense are serious topics of concern for all industries, government agencies, energy, and national infrastructure entities right now and for the foreseeable future. Securing the information systems, data, and infrastructure of these Governmental, Military, and Commercial assets now is paramount. What are some of the greatest areas of concern for U.S. [...]
The post Cybersecurity: What Must be Done Now to Protect the Future? appeared first on TechSpective.
The post Cybersecurity: What Must be Done Now to Protect the Future? appeared first on Security Boulevard.
(You can find all R⁶ posts here) A Twitter discussion: I'm going to keep my eyes out for this one! Would love to have an easy way to embed tweets in Rmd talks!— Jeff Hollister (@jhollist) December 30, 2017 that spawned from Maëlle’s recent look-back post turned into a quick function for capturing an image... Continue reading →
The post R⁶ — Capture Tweets with tweet_shot() appeared first on Security Boulevard.
2017 is nearly at an end. We humans seem to need these cycles to help us on our path forward and have, throughout history, used these annual demarcation points as a time of reflection of what was, what is an what shall come next. To that end, I decided it was about time to help... Continue reading →
The post 2017. Quantified. In. R. appeared first on Security Boulevard.
TLS 1.3 promises great improvements for the encrypted Web, both in terms of security and performance. However, its adoption has been held back for the past year by SSL/TLS proxies and other load balancing and traffic monitoring middleboxes that break connections. Browser vendors have held back adding TLS 1.3 by default because tests showed that..
The post You Can Now Help Identify Middleboxes Holding Back TLS 1.3 Adoption appeared first on Security Boulevard.
Introduction There is no doubt that the world is becoming connected, in more ways than one. A lot of this can be attributed to the growth of the various wireless technologies which have proliferated...
Go on to the site to read the full article
The post How to Fix Some Technical Issues with Siri and Cortana, and What Their Future Holds appeared first on Security Boulevard.
Attackers are breaking into online shops built with Magento by exploiting a known cross-site scripting vulnerability within a popular extension used by merchants for customer support. A successful compromise results in malware being installed on the website with the goal being to intercept sensitive payment information inputted by customers. The vulnerability is located in a..
The post Hackers Infect Magento Shops With Malware Through Extension Flaw appeared first on Security Boulevard.
New research: "Global proliferation of cephalopods" Summary: Human activities have substantially changed the world's oceans in recent decades, altering marine food webs, habitats and biogeochemical processes. Cephalopods (squid, cuttlefish and octopuses) have a unique set of biological traits, including rapid growth, short lifespans and strong life-history plasticity, allowing them to adapt quickly to changing environmental conditions. There has been growing...
The post Friday Squid Blogging: Squid Populations Are Exploding appeared first on Security Boulevard.
Via the eponymous Randall Munroe at XKCD.
The post XKCD, Phone Security appeared first on Security Boulevard.
As the IT landscape becomes more complex, a new wave of management tools has emerged. One such tool is an identity bridge, which helps extend existing user identities to resources...
The post Hosted Identity Bridge appeared first on JumpCloud.
The post Hosted Identity Bridge appeared first on Security Boulevard.
A 28-year-old Kansas man was shot and killed by police officers on the evening of Dec. 28 after someone fraudulently reported a hostage situation ongoing at his home. The false report was the latest in a dangerous hoax known as "swatting," wherein the perpetrator falsely reports a dangerous situation at an address with the goal of prompting authorities to respond to that address with deadly force. This particular swatting reportedly originated over a $1.50 wagered match in the online game Call of Duty. Compounding the tragedy is that the man killed was an innocent party who had no part in the dispute.
The following is an analysis of what is known so far about the incident, as well as a brief interview with the alleged and self-professed perpetrator of this crime.
The post Kansas Man Killed In ‘SWATting’ Attack appeared first on Security Boulevard.
Introduction A wise person once said that the only things in life that are certain are taxes and death. It seems that we can now add another to that short list and that is cybercrime. And like death...
Go on to the site to read the full article
The post Top 5 CVEs of 2017 and How Much They Hurt appeared first on Security Boulevard.
The post BruCON 0x09, Balazs Bucsay’s ‘XFLTReaT: A New Dimension In Tunnelling’ appeared first on Security Boulevard.
New research:
"Global proliferation of cephalopods"
Summary: Human activities have substantially changed the world's oceans in recent decades, altering marine food webs, habitats and biogeochemical processes. Cephalopods (squid, cuttlefish and octopuses) have a unique set of biological traits, including rapid growth, short lifespans and strong life-history plasticity, allowing them to adapt quickly to changing environmental conditions. There has been growing speculation that cephalopod populations are proliferating in response to a changing environment, a perception fuelled by increasing trends in cephalopod fisheries catch. To investigate long-term trends in cephalopod abundance, we assembled global time-series of cephalopod catch rates (catch per unit of fishing or sampling effort). We show that cephalopod populations have increased over the last six decades, a result that was remarkably consistent across a highly diverse set of cephalopod taxa. Positive trends were also evident for both fisheries-dependent and fisheries-independent time-series, suggesting that trends are not solely due to factors associated with developing fisheries. Our results suggest that large-scale, directional processes, common to a range of coastal and oceanic environments, are responsible. This study presents the first evidence that cephalopod populations have increased globally, indicating that these ecologically and commercially important invertebrates may have benefited from a changing ocean environment.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Read my blog posting guidelines here.
New York Magazine published an excellent profile of the single-document leaker Reality Winner.
Eight years ago today I set aside my Washington Post press badge and became an independent here at KrebsOnSecurity.com. What a wild ride it has been. Thank you all, Dear Readers, for sticking with me and for helping to build a terrific community.
The post Happy 8th Birthday, KrebsOnSecurity! appeared first on Security Boulevard.
Via Catalin Cimpanu, writing at Bleeping Computer, comes one of today's most interesting (and fairly innocuous) flaws, targeting the speaker products of both Sonos and Bose Corporation. Apparently, the flaws are of the remote exploit variety, of which, permits remote attackers to execute sounds upon command. The possibilites, therefore, are significant (considering the Children of the Script out there...). So far, the reports have noted pranking connected to the flaw.
The post Smart Speaker Flaws, The Pranking appeared first on Security Boulevard.
Controlling identities can be painful in the modern era of IT. In the past, because everything was on-prem, Microsoft Active Directory® could manage an organization’s passwords, and it allowed there...
The post SaaS Password Management appeared first on JumpCloud.
The post SaaS Password Management appeared first on Security Boulevard.
I was thinking about Jeff Weiner's question to identify a single product or feature that you cannot do without. For me, it is easy to pay that accolade to Tesla's self-driving autopilot. Every time I am stuck in Bay Area traffic, I allow the car to drive itself while I engage in creative thinking or relax with an audiobook. This is the perfect example of what technology should do—take on the monotonous work and do it better than a human being can.
The post Which IoT device scares me the most? appeared first on Security Boulevard.
2017 was another landmark year for cybersecurity. In reviewing our quarterly Threat Landscape reports, it is clear that 2017 has been notable primarily for three things: the rapid digital transformation and expansion of the potential attack surface, the increasing sophistication of cyber attacks, and a lapse in basic cybersecurity hygiene, largely being driven by digital transformation coupled with the growing cybersecurity skills gap.
The post Executive Insights: 2017 Threat Trends – Looking at Our Threat Reports appeared first on Security Boulevard.
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2017 entries. If you missed any of the 64 attempts including 16 videos, here they are wrapped in one simple entry. I read somewhere that lists in […]
The post Blog Roll 2017 appeared first on Security Boulevard.
New York Magazine published an excellent profile of the single-document leaker Reality Winner....
The post Profile of Reality Winner appeared first on Security Boulevard.
A data breach at a payment processor might have compromised the personal and financial information of some Tallahassee utility customers. Tallahassee Treasurer Clerk Jim Cooke is warning that a breach at TIO Networks, a company used by Florida’s capital to help people pay their bills, might have affected an untold number of utility customers in […]… Read More
The post Data Breach Potentially Struck Tallahassee Utility Customers appeared first on The State of Security.
The post Data Breach Potentially Struck Tallahassee Utility Customers appeared first on Security Boulevard.
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things...read more
The post Cyber News Rundown: Edition 12/29/17 appeared first on Webroot Threat Blog.
The post Cyber News Rundown: Edition 12/29/17 appeared first on Security Boulevard.
Today I'd like to show an interesting analysis of a quite new InfoStealer Malware delivered by eMail to many International Companies. The analysis shows up interesting Code Reuse capabilities, apparently originated by Japanese Attackers reusing an English Speaker Attacker source code. Again I have not enough artifacts to give attributions but only few clues as follows. In the described analysis, the original sample was delivered by sarah@labaire.co.za (with high probability a compromised South Africa account) to one of my spamming email addresses.
 |
| Stage 1: Obfuscation |
 |
| Stage 1: Invoked Command |
A fashionable powershell command drops and executes: hxxp://ssrdevelopments.co.za/a2/off.exe. Powershell seems to be a "must have" in contemporary Malware. Analyzing the "dropping" url and tracking down the time it is in "Index Of" mode (2017-0-13), I suspect it is not a compromised website rather a crafted web server or a compromised host of a dead company.
 |
| Dropping Web Site |
By surfing on the Malware propagator web site I founded out many malicious executables (sees IoC section) each one showing up specific behaviors such as: password stealers, RAT and Banking Trojans. Even if the samples were developed for different targets, all of them shared the following basic behaviors:
I'd like to write a simple analysis for each found sample, but today time is not my friend, so let's focalize to one of the malicious samples. Let's get done the received sample by digging into the "second stage" dropped by the powershell "first stage" from ssrdevelopments.co.za/a2/off.exe. After few seconds on second stage (off.exe) it became clear that it was a .NET software. By reversing the interpreted .NET language some clear text comments appeared interesting. Japanese language such as comments and variable names came out from static analysis. Let's have a look to them.
 |
| Stage 2: Apparently Japanese characters |
 |
| Stage 2: Japanese Names and Self Encoding Structures |
 |
| Stage 2: Xoring function to extract Stage 3 |
On my run, the xored payload took the name of GIL.exe; another .NET executable. We are now facing the third stage. By analyzing the decompiled sample it became clear that:
 |
| Stage 3: New Language in Strings and Class names |
 |
| Stage 3: New Code Style |
The post Info Stealing: a new operation in the wild appeared first on Security Boulevard.
We saw several new programming languages like Kotlin, Rust, and Go lang come into promienence this year. In this article, we take a look at what 2018 has in store when it comes to programming languages.
The post The Most In-Demand Programming Languages of 2018 appeared first on Security Boulevard.
Introduction This domain review covers the areas of knowledge that CISM candidates must grasp in order to be able to establish an effective program to respond to and subsequently manage incidents...
Go on to the site to read the full article
The post CISM Domain 4: Information Security Incident Management (ISIM) appeared first on Security Boulevard.
via the superlative satire of Arthur “Chip” Bok on Bokbluster.com.
The post Chip Bok’s ‘Big Bitcoin Bounce’ appeared first on Security Boulevard.
Managing users and their access to IT resources can be a time consuming task. Today’s modern IT networks leverage a variety of platforms, providers, and locations. Connecting them all together...
The post Outsourced User Management appeared first on JumpCloud.
The post Outsourced User Management appeared first on Security Boulevard.
Introduction This domain reviews one of the areas of knowledge that CISM candidates must grasp in order to be able to develop, manage and maintain an information security program that will be used to...
Go on to the site to read the full article
The post CISM Domain 3: Information Security Program Development & Management appeared first on Security Boulevard.
Please don’t laugh, but alongside our “Testing Security” research project (that will likely skew towards the high-maturity security audiences) we are also doing a new research project for mainstream organizations in Q1 2018. It will focus on starting your detection and response effort. Now, a security skeptic may say “why teach an organization to focus […]
The post New Research: Starting Your Detection and Response Capability appeared first on Security Boulevard.
Upon returning from a holiday trip this week, we received unsettling news. There has been a rash of mail theft emanating from our local post office. Our box of held mail seemed lighter than it should have been. And one envelope was slashed open; the gift card sent to us, missing. Our experience fell in […]
The post MY TAKE: How a ‘gift card’ thief spoiled my Christmas appeared first on Security Boulevard.
Former USMC MWD Sirius, who served with the 2nd Law Enforcement Battalion, a battalion component of the II Marine Expeditionary Force (and retired during a ceremony at Ashley Kennels at Camp Lejeune, N.C., Feb. 26, 2016). Sirius was adopted by the family of his former handler, Sgt. Joshua Ashley, who was killed while he and Sirius were on duty and patrolling in support of Operation Enduring Freedom in 2012. - via Lance Cpl. Erick Galera and Cpl. Michelle Reif of the II Marine Expeditionary Force on board United States Marine Corps Base Camp Lejeune, North Carolina, United States of America. Sirius will ride the Lucy Pet Foundation's Paws for Life Float in this New Years 2018 Rose Parade.
The post USMC MWD of Fallen Marine Handler Adopted by Family – Riding In 2018 Rose Parade appeared first on Security Boulevard.
As a web application firewall provider, part of our job at Imperva is constantly monitoring new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrate it into a single repository, and assess each vulnerability’s priority. Having this […]
The post The State of Web Application Vulnerabilities in 2017 appeared first on Security Boulevard.
As the world looks forward to saying goodbye to the crazy year that was 2017, security experts are chiming in about what to expect in 2018, and the news is not good: insider attacks, tax scams, election hacks, and holes created by the Internet of Things lead the list of threats that cyber security teams can expect to be most prominent in the coming year. Probably not the Christmas gift list they had in mind. Given what we saw in 2017, there's no reason not to believe the experts. With organizations as varied as Equifax, Uber and the Securities Exchange Commission having revealed significant…
The post From the IoT to Insider Threats, 2018 Figures to Keep Security Leaders on Their Toes appeared first on Security Boulevard.
Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUAL_EC_PRNG random number generator to weaken TLS.
As 2017 comes to a close, we decided to take a look back at a number of new attack types and threats that we saw throughout the year. Our team took a deep dive into researching and testing many of these threats to find out how they operate and how big of a threat they […]
The post The Radware Research Roundup appeared first on Radware Blog.
The post The Radware Research Roundup appeared first on Security Boulevard.
Looking for a solution to stop programs from slowing down your PC—without sacrifices? Meet “Sleep Mode,” part of the all-new Avast Cleanup Premium.
The post A much-needed wake-up call: “Sleep Mode” for slow PCs appeared first on Security Boulevard.
Over the last few years, container technology has gained traction in enterprise environments. And, as a result, use of containerized applications has exploded in the enterprise. Naturally, as its adoption increased, management platforms such as Kubernetes were developed to manage containerized applications. They’ve now become critical to any modern DevOps-focused infrastructure. Tenable recently released an audit to help customers secure this key piece of infrastructure in their environments.
Kubernetes is an open-source orchestration platform for deploying, maintaining and scaling containerized applications. Kubernetes was originally developed by Google, and later donated to the Cloud Native Computing Foundation. By leveraging Kubernetes, organizations can:
Organizations choose Kubernetes over other orchestration platforms for many reasons:
Depending on the workloads run on Kubernetes, you may consider it a core piece of network infrastructure. After all, it could be hosting the external applications that generate revenue for your business, sensitive internal applications, customer information and more.
Auditing security configurations of such platforms should therefore be an important part of any organization’s security program. A secure configuration audit provides a level of assurance that an information system is configured based on industry standard best practice recommendations.
To protect an information system, you need to account for every flaw that may exist, while an attacker may only need to find a single flaw to exploit. As an example, a recommended configuration is to only allow https traffic to the API server. If the traffic was not encrypted, it may be possible for an attacker to obtain sensitive information such as secrets and keys, and potentially take over control of the cluster. The good news is that Tenable customers now have the ability to perform a configuration audit of your Kubernetes based on the Center for Internet Security (CIS) benchmark.
The CIS recently released the CIS Kubernetes Benchmark, which provides detailed guidance to securely configure core components of Kubernetes, including the Master Node, Worker Node and Federated Deployments.
Responsible for managing the workload within the cluster. Services include:
Responsible for running workloads within the cluster. Services include:
Function similar to Master Nodes, except they manage clusters instead of worker nodes. Services include:
Federation is not required in all deployments, so this section may not apply to your organization.
To get started, log into Tenable.io and create a new Policy Compliance Auditing scan. In your scan configuration, select the Compliance tab. Under UNIX, CIS Kubernetes Benchmarks are now available. Due to Kubernetes’ deployment flexibility, the audit utilizes variables to ensure the checks are specific to your deployment.
Once the configuration is saved, run the scan and review the results. Below is sample output from a scan. For simplicity, only results from the worker node are displayed.
Below is a closer view of one of the results. This page shows:
Also, note the reference to cybersecurity frameworks and standards on the right (in the Reference Information section). In this example, the controls listed are:
Depending on the cybersecurity framework your organization follows, you can map these compliance results to the controls to assist you in demonstrating compliance.
When planning a Kubernetes deployment, it’s important to:
At Tenable, we regularly update our policy compliance audits to match the newest versions by Center for Internet Security (CIS) and Defense Information Systems Agency (DISA). In some cases, we produce our own best practice audits. We also realize there are many cybersecurity frameworks available for organizations to follow, so we regularly map the checks in the policy compliance audits to various framework controls.
The post Auditing Kubernetes for Secure Configurations appeared first on Security Boulevard.
In 2017, some of the worst data incidents of recent years have occurred. Whether Equifax, Uber or Maersk, organizations have had to admit, sometimes too late, that their customers’ personal data have been stolen. To some extent, companies' tactics to cover up the incidents have seemed almost as criminal as the data theft itself. All industry insiders and security software companies that dare to make forecasts for the coming year agree that ransomware in particular seems to be developing into a threat that companies cannot currently handle.
The post Looking into the crystal ball appeared first on Security Boulevard.
Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUAL_EC_PRNG random number generator to weaken TLS....
The post The "Extended Random" Feature in the BSAFE Crypto Library appeared first on Security Boulevard.
The time of year when crystal balls get a viewing and many pundits put out their annual predictions for the coming year. Copying off since 2012, rather than thinking up my own, I figured I’d regurgitate what many others expect to happen. Top 10 Cyber Security Predictions for 2018 – Infosec Institute kicks off this […]
The post The Top 10, Top 10 Predictions for 2018 appeared first on Security Boulevard.
A data breach has exposed the login credentials belonging to 300,000 users of RootsWeb, a service owned and sponsored by Ancestry.com. On 4 December 2017, someone posted a file containing the usernames and plaintext passwords of 300,000 users to a hacker forum. An analysis of the dump, which was still available for download as of […]… Read More
The post Data Breach Exposes 300K RootsWeb Users’ Login Credentials appeared first on The State of Security.
The post Data Breach Exposes 300K RootsWeb Users’ Login Credentials appeared first on Security Boulevard.
2017 will be remembered for some of the worst hacks and data leaks. Equifax, WannaCry, Goldeneye and Uber’s concealment of the leak of 57 million user records have apparently taught the average internet user nothing about security. Users still haven’t understood the importance of strong unique passwords, password management provider SplashData concluded after analyzing over […]
The post ‘starwars’ joins the top 100 worst passwords list in 2017 appeared first on Security Boulevard.
Will 2018 be a year without conflict? Not likely. Will we see information warfare in 2018? Most definitely. Indeed, the possibility of information warfare being the impetus for a nation’s kinetic response is just as real as ever, if not more so. Gen. Keith Alexander, former director of the National Security Agency, while speaking at..
The post Information Warfare: The Year Ahead appeared first on Security Boulevard.
The main challenge for industrial control systems is that the processes that control those systems are connected to critical infrastructure such as power, water, gas, and transport. This means they require high availability, and it is not easy to interrupt those systems to apply security updates. Effects of any downtime means that it can affect […]… Read More
The post The State of Security in Industrial Control Systems appeared first on The State of Security.
The post The State of Security in Industrial Control Systems appeared first on Security Boulevard.
Introduction The hospitality industry has been consistently hit with cyberattacks year after year. Fast food chains, large retailers, and every major hotel chain have been victims. As with most...
Go on to the site to read the full article
The post Phishing Attacks in the Hospitality Industry appeared first on Security Boulevard.
A common question that we hear from admins is whether or not Azure® Active Directory® is a SaaS version of directory services. It’s a great question, and there is no...
The post SaaS Directory Services: Azure® Active Directory®? appeared first on JumpCloud.
The post SaaS Directory Services: Azure® Active Directory®? appeared first on Security Boulevard.
Introduction The engineering field consists of various types of disciplines. It has multiple branches but most types of engineers can be placed into one of the following categories: civil,...
Go on to the site to read the full article
The post Phishing Attacks in the Engineering Industry appeared first on Security Boulevard.
Introduction This is a continuation of our “Forensic Techniques” series, in which we discuss some of the most common yet powerful computer forensic techniques for beginners. In Part 1, we took a look...
Go on to the site to read the full article
The post Computer Forensics: Forensic Techniques, Part 2 appeared first on Security Boulevard.
Attackers have started to exploit a vulnerability patched this month in Android that enables the bundling of malware with Android application files (APKs) and evading antivirus products. The vulnerability, known as Janus and identified as CVE-2017-13156, was privately reported to Google in July by researchers from mobile security firm GuardSquare. Google included a patch for..
The post Attackers Exploit Android Application Package Flaw to Hide Malware appeared first on Security Boulevard.
The post BruCON 0x09, Arnaud Soullié’s ‘DYODE – Do Your Own Dyode’ appeared first on Security Boulevard.
We conclude our series featuring women in tech at Imperva with an interview with Jerusalem Bicha, network operations team lead at Imperva. We talked about her path to a career in cybersecurity. Tell us how you got into cybersecurity. JB: I actually don’t have a degree. My career in cybersecurity happened by accident when I […]
The post Women in Tech and Career Spotlight: Jerusalem Bicha appeared first on Security Boulevard.
Numerous relatively recent cyber attacks have successfully breached organizations that should be the cyber world’s equivalent of Fort Knox – exceedingly hard to penetrate. Yet as the infiltration of systems at the likes of the Security and Exchange Commission, National Security Agency and credit bureau giant Equifax underscore, no entity is immune from hackers. Why is this so, even as cyber defenses at so many places continue to improve? The answer is that software security is a complex, chronically evolving challenge. It cannot be addressed solely by cutting-edge technology or by hiring more…
The post How Enterprises Can Better Combat Advanced Cyber Attacks appeared first on Security Boulevard.
NIST has organized a competition for public-key algorithms secure against a quantum computer. It recently published all of its Round 1 submissions. (Details of the NIST efforts are here. A timeline for the new algorithms is here.)
Canada has proposed to pay $17.5 million to settle a privacy breach involving hundreds of thousands of individuals who applied for student loans. Under the proposed settlement, Canada would pay $60 to Canada Student Loan borrowers affected by the breach. The federal government could reduce that individual payment, however, in the event the total amount […]… Read More
The post Canada Proposes $17.5M Settlement for Student Loan Privacy Breach appeared first on The State of Security.
The post Canada Proposes $17.5M Settlement for Student Loan Privacy Breach appeared first on Security Boulevard.
Cloud computing is the single most important technology trend of the last 15 years, having a profound effect on many parts of IT. And as we enter 2018, cloud will emerge as a mature technology. In its report, “Cloud Computing Accelerates Enterprise Transformation Everywhere,” Forrester predicted that 2018 will be the year that more than..
The post Public Cloud: Security Strained by Complexity appeared first on Security Boulevard.
Ransomware is a problem on the rise, a simple threat with some very large business implications. Statistics show it has reached new levels of menace, and it’s growing at a remarkable rate: 6000% in 2016, an IBM study found, and a triple-digit increase into 2018. Although a very real and present danger (as shown by […]… Read More
The post The Future of Ransomware 2018 and Beyond appeared first on The State of Security.
The post The Future of Ransomware 2018 and Beyond appeared first on Security Boulevard.
As organizations’ IT environments become increasingly more complex, so too does the software they install on their systems. Software developers and managers have embraced microservices written in node.js and Spring Boot, for example. These new types of dynamic applications challenge organizations to establish appropriate trust chains and secure old code hosted on the web. Single-page […]… Read More
The post OWASP Top 10 Most Critical Web Application Security Risks of 2017 appeared first on The State of Security.
The post OWASP Top 10 Most Critical Web Application Security Risks of 2017 appeared first on Security Boulevard.
Via the non-throttled observational skills of Nitrozac and Snaggy at The Joy of Tech®.
The post The Joy of Tech®’s ‘Apple Gets a’ Throttling!’ appeared first on Security Boulevard.
OpenLDAP is a free implementation of the Lightweight Directory Access Protocol (LDAP). As an open source solution, OpenLDAP has provided technical personnel with the ability to integrate and customize the...
The post OpenLDAP™ as a Service appeared first on JumpCloud.
The post OpenLDAP™ as a Service appeared first on Security Boulevard.
Google should be applauded for spending a year studying how cybercriminals highjack account login credentials and expose them in the cyberspace. The search giant’s findings are astounding and instructive. Stolen passwords get channeled into the dark web in two main ways: one at a time, via phishing campaigns, or en masse, via data breaches, such […]
The post GUEST ESSAY: Google study details how 9 million account logons get stolen every 24 hours appeared first on Security Boulevard.
As I alluded here, we [Augusto and me] will be starting an epic new research project on testing security [BTW, should we codename it “Testing Security”, Augusto? :-)] First, a quick poll: how many types of security testing do you know? Let me try… Penetration testing (PT) Red teaming (RT) – differences of PT and […]
The post New Research: How to Actually Test Security? appeared first on Security Boulevard.
The post BruCON 0x09, Damien Cauquil ‘s – ‘Weaponizing the BBC Micro:Bit’ appeared first on Security Boulevard.
Interesting destructive attack: "Acoustic Denial of Service Attacks on HDDs": Abstract: Among storage components, hard disk drives (HDDs) have become the most commonly-used type of non-volatile storage due to their recent technological advances, including, enhanced energy efficacy and significantly-improved areal density. Such advances in HDDs have made them an inevitable part of numerous computing systems, including, personal computers, closed-circuit television...
The post Acoustical Attacks against Hard Drives appeared first on Security Boulevard.
United Parcel Service, Inc. (NYSE: UPS) has announced the delivery leviathan's participation in the Blockchain In Transport Alliance (BITA) - via Chelsea Gohd, writing at Futurism. Ostensibly, the utilization of blockchain cryptographic infrastructure will minimize - to a vestigial nubbin - the guesstimated multi-billion dollar losses {in reality, the exact figure is unknown...} - incurred by the transport industry due to crimiminal incursion into the coffers of transportation companies worldwide.
The post UPS Blockchained appeared first on Security Boulevard.
