Tag: container
-
New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks
Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and over the past two decades, Linux rootkits have evolved significantly. While early threats relied on easily detectable userland shared object injections…
-
The Top 5 Questions: How DSPM Illuminates the Murky World of Multi-Cloud Data Security
Tags: access, ai, api, attack, breach, cloud, compliance, computing, container, control, corporate, cryptography, cyber, data, data-breach, detection, encryption, exploit, firewall, intelligence, mitigation, monitoring, PCI, resilience, risk, risk-assessment, service, software, strategy, tactics, threat, tool, vulnerabilityThe Top 5 Questions: How DSPM Illuminates the Murky World of Multi-Cloud Data Security andrew.gertz@t“¦ Thu, 03/05/2026 – 16:09 Multi-cloud data security threats are escalating at an unprecedented rate. According to Forrester and the 2025 Thales Global Cloud Data Security Study, the primary drivers of multi-cloud risks are: growing complexity, insufficient access controls, and the…
-
Should Cloud Be Classed as Critical Infrastructure?
Tags: access, authentication, banking, breach, business, cloud, compliance, computing, container, control, cyber, cybersecurity, data, dora, encryption, fido, finance, framework, governance, Hardware, healthcare, identity, incident, infrastructure, mfa, network, nis-2, radius, regulation, resilience, risk, saas, service, strategy, supply-chain, technologyShould Cloud Be Classed as Critical Infrastructure? madhav Thu, 03/05/2026 – 09:53 Over the past few years, large-scale cloud outages have demonstrated just how deeply digital services are woven into the fabric of modern society. When widely used cloud platforms experience disruption, the impact extends far beyond individual applications; banking services stall, transport systems falter,…
-
VoidLink Malware Framework Targets Kubernetes and AI Workloads in New Cyber Attack Wave
VoidLink marks a turning point in how adversaries target Kubernetes and AI workloads, signaling a shift toward cloud-native, AI-aware malware frameworks that live where modern value is created: inside containers, pods, and GPU clusters.research. It fingerprints its surroundings to detect major clouds such as AWS, GCP, Azure, Alibaba, and Tencent, and distinguishes whether it is…
-
VoidLink Malware Framework Targets Kubernetes and AI Workloads in New Cyber Attack Wave
VoidLink marks a turning point in how adversaries target Kubernetes and AI workloads, signaling a shift toward cloud-native, AI-aware malware frameworks that live where modern value is created: inside containers, pods, and GPU clusters.research. It fingerprints its surroundings to detect major clouds such as AWS, GCP, Azure, Alibaba, and Tencent, and distinguishes whether it is…
-
AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning
100-plus prebuilt tool recipes and a human-readable YAML-based extension system;Attack-chain graph, risk scoring, and “step-by-step replay”;Password-protected web user interfaces (UIs) and audit logs;A knowledge base with vector search, hybrid retrieval, and searchable archives;Vulnerability management with create, read, update, delete (CRUD) operations, severity tracking, status workflow, and statistics;Batch task management that can organize task queues and…
-
AI Emerges as the New Insider Threat: Thales Releases the 2026 Data Threat Report
Tags: access, ai, api, attack, business, cloud, compliance, container, control, credentials, cyber, data, deep-fake, encryption, governance, identity, infrastructure, risk, saas, skills, software, strategy, theft, threat, toolAI Emerges as the New Insider Threat: Thales Releases the 2026 Data Threat Report madhav Tue, 03/03/2026 – 15:00 Over the past year, I’ve watched AI move to operational reality across nearly every industry we work with. The conversation is no longer about whether AI will transform business. It already has. Cybersecurity Todd Moore –…
-
When Payment Data Becomes the Weakest Link
Tags: access, awareness, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, encryption, fraud, least-privilege, PCI, radius, risk, service, software, strategy, threatWhen Payment Data Becomes the Weakest Link madhav Thu, 02/26/2026 – 10:56 Most cybersecurity incidents don’t begin with an attack. They begin with a design decision. Four people experienced that reality in the same week. Different roles. Different systems. One shared outcome. Cybersecurity Karen Kelvie – Product Marketing, Data Protection More About This Author >…
-
Starkiller Phishing Framework Bypasses Defenses with Reverse Proxies, Takes an SaaS Approach
Starkiller is a new SaaS-style phishing framework that runs real brand websites inside headless Chrome containers, acting as a live reverse proxy to steal credentials, session tokens, and MFA-protected accounts while evading traditional detection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/starkiller-phishing-framework-bypasses-defenses-with-reverse-proxies-takes-an-saas-approach/
-
Master Your Passwordless Future: Introducing Thales Authenticator Lifecycle Manager
Tags: access, attack, authentication, automation, breach, compliance, container, control, data, fido, Hardware, identity, login, msp, phishing, service, software, tool, zero-trustMaster Your Passwordless Future: Introducing Thales Authenticator Lifecycle Manager madhav Tue, 02/24/2026 – 07:53 The move to passwordless authentication is no longer a distant goal; it’s a present-day necessity. Organizations are rapidly adopting FIDO2 authenticators to defend against phishing and strengthen their security posture. While this shift enhances security, it introduces a new challenge: managing…
-
Dynamic Objects in Active Directory: The Stealthy Threat
Active Directory’s “dynamic objects” feature offers attackers a perfect evasion cloak. These objects automatically self-destruct without a trace, so they allow adversaries to bypass quotas, pollute access lists, and persist in the cloud, leaving forensic investigators with nothing to analyze. Key takeaways The threat: Dynamic objects self-delete without leaving any traces, or “tombstones” in AD…
-
Why the shift left dream has become a nightmare for security and developers
The “shift left” approach has increased pressure on developers, as speed demands override security checks in modern CI pipelines. Qualys explains how analyzing 34,000 public container images revealed 7.3% were malicious and why security must be enforced at the infrastructure layer by default. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-the-shift-left-dream-has-become-a-nightmare-for-security-and-developers/
-
Shadow Machines: The Non-Human Identities Exposing Your Cloud AI Stack
Tags: access, ai, api, authentication, automation, business, cloud, compliance, container, control, credentials, data, encryption, framework, governance, iam, identity, infrastructure, iot, jobs, login, mfa, password, risk, risk-management, saas, service, software, strategy, supply-chain, toolShadow Machines: The Non-Human Identities Exposing Your Cloud & AI Stack madhav Thu, 02/19/2026 – 06:30 The machines we don’t see are the ones running our businesses. Unfortunately, most IAM systems do not track them. In an ironic twist, the ghost in the machine has become the machine itself: invisible, autonomous, and increasingly beyond human…
-
Millionen Chrome-Erweiterungen geben Browserverlauf preis
Eine Sicherheitslücke in beliebten Chrome-Erweiterungen führt dazu, dass der Browserverlauf der Anwender offengelegt ist.Ein Sicherheitsforscher mit dem Pseudonym ‘Q Continuum” hat 287 Chrome-Erweiterungen entdeckt, die den Browserverlauf exfiltrieren. ‘Die Akteure hinter den Lecks sind vielfältig: Similarweb, Curly Doggo, Offidocs, chinesische Akteure, viele kleinere, unbekannte Datenbroker sowie ein mysteriöses Unternehmen namens “šBig Star Labs’, das offenbar…
-
Leaky Chrome extensions with 37M installs caught divulging your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
-
Leaky Chrome extensions with 37M installs caught shipping your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
-
Gartner® Names Tenable as the Current Company to Beat for AI-Powered Exposure Assessment in a 2025 Report
Tags: access, ai, api, attack, automation, business, cloud, container, cyber, cybersecurity, data, exploit, finance, flaw, gartner, governance, identity, intelligence, iot, leak, network, risk, service, technology, threat, tool, update, vulnerability“Tenable’s asset and attack surface coverage, its application of AI and its reputation for vulnerability assessment makes it the front-runner in AI-powered exposure assessment,” Gartner writes in “AI Vendor Race: Tenable Is the Company to Beat for AI-Powered Exposure Assessment.” Key Takeaways from Tenable: This is the latest among a recent string of recognitions Tenable…
-
The ephemeral infrastructure paradox: Why short-lived systems need stronger identity governance
Tags: access, automation, cloud, container, credentials, data, framework, github, governance, identity, infrastructure, jobs, network, risk, service, software, toolFigure 1: Governance must move from static reviews to a continuous lifecycle of issuance, verification and automated expiration. Niranjan Kumar Sharma 1. Identity must be cryptographic We must stop relying on IP allowlists. In a world of dynamic containers, network location is a poor proxy for trust.We need to move toward cryptographic identity. Every workload…
-
Docker AI Bug Lets Image Metadata Trigger Attacks
AI Assistant Executes Hidden Commands Embedded in Docker Image Labels. A vulnerability in Docker’s Ask Gordon AI assistant allows attackers to execute malicious commands by hiding them in the container application development platform’s image metadata, said security researchers. Dubbed DockerDash, the vulnerability exploits a failure across Docker’s AI execution chain. First seen on govinfosecurity.com Jump…
-
Microsoft Unveils LiteBox, a Rust-Based Approach to Secure Sandboxing
Microsoft has released LiteBox, an experimental open-source library OS designed to sandbox applications while reducing their exposure to host systems. Written in Rust and published under the MIT license, LiteBox reflects the company’s efforts to upgrade software security as confidential computing gains adoption. LiteBox takes a different path from traditional virtualization or container technologies. Rather..…
-
Four new vulnerabilities found in Ingress NGINX
Tags: access, api, authentication, container, cve, cybersecurity, data, exploit, group, injection, jobs, kubernetes, malicious, risk, service, strategy, vulnerabilitycustom-errors configuration that includes HTTP errors 401 or 403, and if the configured default custom-errors backend is defective and fails to respect the X-Code HTTP header, then an Ingress with the auth-url annotation may be accessed even when authentication fails.CVE-2026-24512 is a configuration injection vulnerability where the rules.http.paths.path Ingress field can be used to inject configuration into nginx.…
-
Öffentliche Containerregister bergen ein stilles Risiko für die Lieferkette
Wirksamer Schutz erfordert einen ganzheitlichen Blick: Die Herkunft und Integrität von Container-Images sollten vor ihrem Einsatz geprüft und nachvollziehbar dokumentiert werden. Ergänzend braucht es technische Kontrollen vor dem Deployment First seen on infopoint-security.de Jump to article: www.infopoint-security.de/oeffentliche-containerregister-bergen-ein-stilles-risiko-fuer-die-lieferkette/a43521/
-
Öffentliche Container-Register Unterschätztes Risiko in der Software-Supply-Chain
Container-Technologien sind ein zentrales Element moderner Software- und IT-Supply-Chains. Öffentliche Container-Registries dienen dabei als schnelle Bezugsquelle für Basis-Images, Laufzeitumgebungen und Frameworks. Was Effizienz und Skalierbarkeit verspricht, bringt jedoch ein oft unterschätztes Risiko mit sich: Jeder Pull eines Images aus einer öffentlichen Registry ist faktisch eine Vertrauensentscheidung und damit ein potenzieller Einstiegspunkt für Angriffe entlang […]…
-
Outages Happen to Everyone. Building a Resilient Architecture Doesn’t Have to Be Hard.
Tags: access, ai, attack, breach, business, cloud, compliance, computing, container, control, csf, cyberattack, data, defense, detection, dora, encryption, finance, framework, government, nist, regulation, resilience, service, software, strategy, technologyOutages Happen to Everyone. Building a Resilient Architecture Doesn’t Have to Be Hard. madhav Tue, 02/03/2026 – 05:21 No company is spared the pain of outages. But their impact can be mitigated by how resilient you build your business architecture. And who you choose to partner with can significantly determine how effective that will be.…
-
Startup Amutable plotting Linux security overhaul to counter hacking threats
Tags: attack, backdoor, ceo, cloud, computer, computing, container, cve, cybercrime, data, exploit, fortinet, hacking, infrastructure, kubernetes, linux, microsoft, open-source, skills, software, startup, supply-chain, technology, threat, tool, training, vpn, vulnerabilitysystemd, he has alongside him two other ex-Microsoft employees, Chris Kühl as CEO, and Christian Brauner as CTO.A clue to Amutable’s plans lies in the announcement’s emphasis on some of its founders’ backgrounds in Kubernetes, runc, LXC, Incus, and containerd, all connected in different ways to the Linux container stack. Computing is full of security…
-
Why Container Security Remains a Challenge for Developers
A BellSoft survey shows container security incidents are common due to reactive practices and complexity. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/why-container-security-remains-a-challenge-for-developers/
-
Why Container Security Remains a Challenge for Developers
A BellSoft survey shows container security incidents are common due to reactive practices and complexity. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/why-container-security-remains-a-challenge-for-developers/
-
Java developers want container security, just not the job that comes with it
BellSoft survey finds 48% prefer pre”‘hardened images over managing vulnerabilities themselves First seen on theregister.com Jump to article: www.theregister.com/2026/01/30/java_developers_container_security/