The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Source code management (SCM) is a core component of DevOps. In addition to storing and sharing source code, SCM tools maintain an ongoing history of changes. Reviewing this history provides numerous insights into your development process, including: How often code changes are submitted, The impact of changes on application performance, Which changes result in errors, bugs, or broken builds.
Recently, a member of the Falco community privately disclosed a capacity related vulnerability which, under circumstances where a malicious actor has already gained access to your system, could allow the actor to further bypass Falco’s detection of abnormal activity. The final details are still being worked out, but we believe the CVE will be classified as Medium severity according to the CVSS methodology.
We are happy to announce the release of Falco 0.15.0. This release incorporates a number of improvements, as well as bug fixes, and rules updates. This release also includes a mitigation for CVE-2019-8339, and all users are encouraged to update to this release. You can find more details about the features and improvements in the release notes, but below are a few highlights.
We are now happy to release the 6th update to the CFEngine 3.10 LTS series. This update comes with many important stability and performance improvements and is thus well worth the upgrade from an older version of 3.10 LTS.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we discuss the growing concern about ransomware-as-a-service among organisations across the globe.
MITRE ATT&CK is a comprehensive knowledge base and complex framework of over 200 techniques that adversaries may use over the course of an attack. While MITRE’s full ATT&CK framework is publicly available, it can be characterized into 3 key elements.
WordPress is the most popular CMS in the world, accounting for more than 60% of the market. The reasons for such popularity are obvious: it’s a convenient and powerful system with dozens of built-in tools and thousands of themes and plugins. WordPress offers numerous benefits and allows you to quickly create a customized website, no matter whether you have a news blog or an e-commerce business.
Whether an active member of the ELK community or just a happy user, you’ve probably heard of a recent data breach involving Elasticsearch. Indeed, not a month goes by where we don’t come across an article or research showcasing a set of sensitive information exposed on an Elasticsearch cluster.