Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

How Emerging Technologies Influence State Government Staffing Needs

Emerging technologies impact many areas of an organization, but their impact on staffing is often overlooked. It would be ideal for public sector organizations, and state governments, in particular, to be able to adopt new technologies and hire the appropriate staff quickly and easily to optimize operations. State government managers face barriers such as a lack of budget, limited resources, minimal training, and unclear priorities—impeding speedy adoption.

What's Important in 2021? - Bold Predictions in the Digital Workplace and Delivering Security with a Remote Workforce

At Ivanti, our highest priority is our customer. With that in mind, I thought it would be a good idea to share some research that my team and I have found valuable as we have migrated through the COVID period. The two pieces of Gartner research, highlighted below and linked to on our landing page below, really hit home at Ivanti so we wanted to share them with all of you.

Calico Enterprise Multi Cluster Management - Federated Identity and Services

Managing multiple Kubernetes clusters can become time consuming and complex. Calico Enterprise can help with built in multi-cluster management capabilities to simplify deployment and ongoing operations, including securing interactions between the clusters, and providing cross-cluster service discovery.

Applying Strong Cyber Hygiene Security to IoT Endpoints

The Internet of Things, better known as IoT. You’ve heard of it, right? But do you know what it is? Simply, it is the interconnection of things (or endpoints) on the Internet to send and receive data. Today, experts calculate that there are 31 billion things connected to the insecure Internet, and growing exponentially. Did you know there are different types of IoT applications?

How We Use InfluxDB for Security Monitoring

At InfluxData, we believe it makes sense to use a time series database for security monitoring. In summary, it’s because security investigations are inevitably time-oriented — you want to monitor and alert on who accessed what, from where, at which time — and time series databases like InfluxDB are very efficient at querying the data necessary to do this.

How to detect sudo's CVE-2021-3156 using Falco

A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility built in almost all Unix-like based OSes. This includes Linux distributions, like Ubuntu 20 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). This popular tool allows users to run commands with other user privileges.

Detecting the Sudo Baron Samedit Vulnerability and Attack

On January 26th, 2021, Qualys reported that many versions of SUDO (1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1) are vulnerable (CVE-2021-3156) to a buffer overflow attack dubbed Baron Samedit that can result in privilege escalations. Qualys was able to use this vulnerability to gain root on at least Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2), some of the most modern and widely used Linux operating systems.