The Hidden Economy of Open Source Software
Sysdig
by Nigel Douglas
2d ago
The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security. While it is often not consumer-facing, open-source software is a critical component of computing and internet functions, such as secure communications between machines. Open source software (abbreviated as OSS) has become a cornerstone of the tech industry, influencing everything from small startups to global corporations. Despite its ubiquitous presence and foundat ..read more
Building Honeypots with vcluster and Falco: Episode II
Sysdig
by Jason Andress
4d ago
This is part two in our series on building honeypots with Falco, vcluster, and other assorted open source tools. For the previous installment, see Building honeypots with vcluster and Falco: Episode I. When Last We Left our Heroes In the previous article, we discussed high-interaction honeypots and used vcluster to build an intentionally-vulnerable SSH server inside of its own cluster so it couldn’t hurt anything else in the environment when it got owned. Then, we installed Falco on the host and proceeded to attack the SSH server, watching the Falco logs to see the appropriate rule trigger whe ..read more
RUBYCARP: A Detailed Analysis of a Sophisticated Decade-Old Botnet Group
Sysdig
by Sysdig Threat Research Team
5d ago
The Sysdig Threat Research Team (Sysdig TRT) recently discovered a long-running botnet operated by a Romanian threat actor group, which we are calling RUBYCARP. Evidence suggests that this threat actor has been active for at least 10 years. Its primary method of operation leverages a botnet deployed using a variety of public exploits and brute force attacks. This group communicates via public and private IRC networks, develops cyber weapons and targeting data, and uses its botnet for financial gain via cryptomining and phishing. This report explores how RUBYCARP operates and its motivations. ..read more
CVE-2024-3094: Detecting the SSHD backdoor in XZ Utils
Sysdig
by Michael Clark
2w ago
On March 29th, 2024, a backdoor in a popular package called XZ Utils was announced on the Openwall mailing list. This utility includes a library called liblzma which is used by SSHD, a critical part of the Internet infrastructure used for remote access. When loaded, the CVE-2024-3094 affects the authentication of SSHD potentially allowing intruders access regardless of the method. Affected versions: 5.6.0, 5.6.1 Affected Distributions: Fedora 41, Fedora Rawhide *At the time of this writing Background A malicious threat actor was able to commit code to the XZ Utils Github repository on February ..read more
The SEC Cybersecurity Disclosure Rules – Our Take
Sysdig
by Michael Isbitski
2w ago
The SEC cybersecurity disclosure rules have put a spotlight on the issue of cybersecurity within organizations. The core of the rules and related guidance can be found in the article “Assess Your Readiness Now for the SEC Cybersecurity Disclosure Rules.“ The SEC cybersecurity disclosure rules should help build momentum around the importance of governance and risk management, relevant expertise, and timely incident disclosure that are fundamental to cybersecurity programs. The disclosure rules won’t address all the inherent challenges of cybersecurity. But it’s worth further examination into th ..read more
Assess Your Readiness Now for the SEC Cybersecurity Disclosure Rules
Sysdig
by Michael Isbitski
2w ago
The SEC’s new ‘Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure’ rule (issued on July 26, 2023) has public companies, notably smaller companies, worrying about having enough cybersecurity expertise to run a security program consistent with SEC requirements. It’s important to remember that the SEC is expanding upon previously conveyed expectations that investors should be timely-informed of material risks and how the organization is mitigating these identified risks. To that aim, companies need to follow basic security best practices and maintain effective cybersecur ..read more
How to Prioritize Vulnerabilities with Checkmarx and Sysdig Runtime Insights
Sysdig
by Victor Hernando
3w ago
Back in August 2023, Checkmarx and Sysdig announced a new partnership. This collaboration enables customers of both Checkmarx and Sysdig to leverage the comprehensive visibility offered by Sysdig Runtime Insights to get even more value from the Checkmarx One application security platform. Nowadays, an increasing number of companies are eager to integrate runtime intelligence into their security tools. This innovative approach yields numerous benefits, such as noise reduction, and provides developers and security teams with the necessary context to focus and address the most critical issues fir ..read more
The First CNAPP with Out-of-the-Box NIS2 and DORA Compliance
Sysdig
by Joseph Yostos
3w ago
In an era where cloud attacks and threats are happening very fast and constantly evolving, the European Union (EU) has stepped up its cybersecurity game with two new regulations: the Digital Operational Resilience Act (DORA) and the revised Directive on Security of Network and Information Systems (NIS2). With more strict requirements on compliance controls and breach disclosures, these regulations are set to transform how businesses manage their cyber risks in Europe. If you’re feeling overwhelmed by these changes, you’re not alone. That’s where Sysdig comes in. As the first CNAPP to offer out ..read more
The Urgent Need for Real-time Cloud Detection & Response
Sysdig
by Loris Degioanni
1M ago
It is impressive how explosively the cloud security market has embraced detection and response in recent months. The industry, including both users and vendors, is rapidly acknowledging the complexity of modern cloud attacks. Facilitated by automation and APIs, attacks cannot be effectively countered with traditional solutions that lack context of cloud environments or focus solely on posture. Sysdig has been aware of this for quite some time. Sysdig began our journey, having created Falco, the open source standard for cloud-native threat detection and response. More recently, our Threat Resea ..read more
CISO Takeaways: Sysdig’s 2024 Cloud-Native Security and Usage Report
Sysdig
by Crystal Morin
1M ago
After a year of cyber attacks making headlines worldwide, many organizations, such as MGM Resorts, Clorox, and T-Mobile, have taken a reputational hit similar to SolarWinds. Sysdig’s 2024 Cloud-Native Security and Usage Report provided some informative key takeaways that CISOs can hone in on to improve their security posture. As a CISO, you do not want to catch your organization on that list; mitigating reputational risk is a part of your job. This seventh-annual report is based on real-world data. It isn’t skewed by opinions, so it provides factual information regarding the current stat ..read more