Autonomous SOC PlatformConducting Digital Forensics Incident Response (DFIR) on an Infected GitLab Server
GitLab servers are under attack with a now-patched critical vulnerability Earlier this week we investigated an incident that occurred on a new...
Genetic Analysis and Lessons Learned from REvil Attack
Validating your Software Supply Chain for Tampering SolarWinds, Codecov and now Kaseya are the latest supply chain attacks we know about. In...
Why Relying on the Cloud Provider for Security is Not Enough
73% of organizations using the cloud are not sure which parts of security fall under their responsibility. Ultimately, the customer is responsible for...
9 Tools to Use Right Now to Improve Azure Platform Security
Security is changing as companies move their mission-critical workloads to the cloud, with Azure as one of the preferred destinations. Security in Azure follows...
7 Most Important AWS Security Tools
Like all leading cloud service providers, AWS follows a shared responsibility model for security and compliance. While platform-level security is owned and managed...
CVE-2021-27075: Microsoft Azure Vulnerability Allows Privilege Escalation and Leak of Private Data
In this post I will explain how the Microsoft Azure Virtual Machine (VM) extension works and how we found a fatal vulnerability in...
How to Secure Cloud Non-Native Workloads
Not All Applications are Cloud-Native Companies are adopting cloud at a faster pace but not all applications are born cloud-native. Many traditional...
Royal Flush: Privilege Escalation Vulnerability in Azure Functions
One of the most common benefits of transitioning to cloud services is the shared responsibility for securing your assets. But cloud providers...
Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys
New Malware Variant Exploits Production Environment Rocke Group is a Chinese-based threat actor most known for running cryptojacking malware on Linux machines. The...