Operations | Monitoring | ITSM | DevOps | Cloud

Contributor and CFEngine Champion, Jon Henrik Bjørnstad, developed a tool for encrypting files using CFEngine host keys, called cf-keycrypt. Thank you to Jon Henrik and all of our contributors for helping improve the CFEngine project. Our developer, Vratislav Podzimek, recently took some time to review the cf-keycrypt code, and made many improvements and fixes.

This CVE is a Server Side Request Forgery (SSRF) vulnerability in kube-controller-manager that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master’s host network (such as link-local or loopback services).

A growing attack surface and the exponential rise of data has opened the floodgates for breaches, leading to increased scrutiny by regulatory agencies. It’s not surprising that in recent years, regulators have had to double down with compliance mandates that are more stringent and punitive than ever before.

In May 2019, Bloomberg Government reported that Federal agencies planned to move 272 information technology programs to the cloud in FY2020. Fast forward to April 2020 — they reported that there are more than 1,800 federal IT programs that are either migrating or considering migrating to the cloud in fiscal 2021, signifying a rapid increase in cloud adoption in the federal government. How might COVID-19 affect this explosive increase in cloud interest?

Reverse shell is a way that attackers gain access to a victim’s system. In this article, you’ll learn how this attack works and how you can detect it using Falco, a CNCF project, as well as Sysdig Secure. Sometimes, an application vulnerability can be exploited in a way that allows an attacker to establish a reverse shell connection, which grants them interactive access to the system.

In life, risks can be perceived both negatively and positively. Taking a risk can sometimes yield great results, but other times, a risk is a yellow light of caution. For businesses in particular, if not managed properly, IT risks like malware malfunctions and employee errors can range in size and occur in several areas. The result is disruption and valuable time being used to resolve the issue. But even with risk present, there are measures IT can put in place to ward them off.

Face it. Your IT systems may be secure today, but what about next week? Granted, as stated by the Center for Internet Security (CIS), you and your team members must operate in a constant stream of new information—software updates, patches, security advisories, threat bulletins, and more. But as you know, attackers have access to the same information and can leverage gaps between the onset of new knowledge and remediation.

Security is vital for protecting company assets and data subjects. Evolving data protection regulations, like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), have thrown light on security breaches and the security architecture of those compromised. In 2019, the global average cost for a data breach was $3.9 million, not including reputational damage and hidden costs.

Today, we are pleased to announce the expansion of Sysdig’s relationship with IBM to extend cloud security governance with IBM Cloud Pak for Multicloud Management. Through a new OEM agreement, Sysdig Secure and the Sysdig Secure DevOps Platform are now available through IBM and IBM Business Partners. The combined IBM and Sysdig offering delivers centralized cloud visibility, governance and automation with in-depth container security intelligence for Red Hat OpenShift.