Operations | Monitoring | ITSM | DevOps | Cloud

From credential theft to network vulnerability exploitation and ransomware incidents on highly secure organizations, the year 2020 has been surprisingly rough on IT security. In the wake of the COVID-19 pandemic, companies around the world are reporting more cyberattacks than ever before, and although the techniques used or the method of attack may be new, the vectors of attack over the years remain unchanged.

File sharing is a method used by some organizations where multiple employees have access to the same files. How the files are accessed does vary depending on the user environment. The files could be shared between two computers, where the files are stored on one computer and another user accesses them from their workstation. The files might be stored on a network file server instead of on a local workstation.

We’re excited to announce that Calico Enterprise, the leading solution for Kubernetes networking, security and observability in hybrid and multi-cloud environments, now includes encryption for data-in-transit.

Heaven on Earth would be a world with no outages. No slow load times. No failed switches or routers. No bandwidth issues. Just peace and quiet. But if nothing were to go wrong on a daily basis, what would IT pros spend their time doing? Outages make up a large part of an IT pro’s job. Monitoring networks and finding the source of outages can be time-consuming and take away effort from other tasks.

Here at Splunk, when we discuss Splunk Phantom with customers we end up talking about phishing pretty frequently because it’s something like Olivia outlined in a recent blog post, "Between Two Alerts: Phishing Emails — Don’t Get Reeled In!", customers both encounter and talk to us about all the time. It makes a lot of sense — phishing is a super common issue that almost everyone deals with ad nauseum and it’s annoying to investigate.

This article contains useful tips to implement SOC 2 compliance for containers and Kubernetes. The Service Organization Controls (SOC) reports are the primary way that service organizations provide evidence of how effective their controls are for finance (SOC 1) or securing customer data (SOC 2, SOC 3). These reports are issued by the American Institute of Certified Public Accountants (AICPA).

Protecting your identity is becoming more and more difficult. Though many people don’t stop to consider it, even the most minor conveniences can go hand in hand with an incredible amount of privacy loss. For example, Amazon recently debuted new hand scanners in stores in Seattle where you can scan your palm to make a purchase.

While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8566) in Kubernetes that may cause sensitive data leakage. You would be affected by CVE-2020-8566 if you created a Kubernetes cluster using ceph cluster as storage class, with logging level set to four or above in kube-controller-manager. In that case, your ceph user credentials will be leaked in the cloud-controller-manager‘s log.

“My job here at Atlassian is to commit crimes and then write very, very detailed confession letters – metaphorically speaking.” Meet Alex: an engineer on our security intelligence team with a wry wit and a penchant for pop-color hair. Less metaphorically speaking, the team’s job (our red team, in particular) is to hack Atlassian’s systems exactly as real attackers would.