What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-16 21:15:10 | CVE-2021-20218 (lien direct) | A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 | Vulnerability Threat | Uber | |
 |
2021-02-05 18:53:56 | New Malware Hijacks Kubernetes Clusters To Mine Monero – Experts Insight (lien direct) | Yesterday researchers from Palo Alto Networks' Unit 42 published their discovery of a never-before-seen malware, dubbed Hildegard, that is being used by the TeamTNT threat group to target Kubernetes clusters.… | Malware Threat | Uber | ★★★★ |
 |
2020-08-04 21:36:48 | UberEats data leaked on the dark web (lien direct) | Security researchers from threat intelligence firm Cyble have discovered user records of American online food ordering and delivery platform UberEats on DarkWeb. Another day, another data breach made the headlines, this time the alleged victim is UberEATS. UberEats is an American online food ordering and delivery platform launched by Uber in 2014. During the process […] | Data Breach Threat | Uber | |
 |
2020-03-12 09:41:18 | NBlog March 12 - reflecting on privacy (lien direct) |  Anyone who read Orwell's masterpiece or saw the film "1984" appreciates the threat of mass surveillance by the state a.k.a. Big Brother. Anyone who has followed Ed Snowden's revelations knows that mass surveillance is no longer fanciful fiction. There are clearly privacy impacts from surveillance with implications for personal freedoms, assurance and compliance. At the same time, surveillance offers significant social benefits too, in other words, pros and cons which vary with one's perspective. Big Brother sees overwhelming benefits from mass surveillance and has the power, capability and (these days) the technology to conduct both overt and covert mass or targeted surveillance more or less at will. The same thing applies to other forms of surveillance and other contexts: many of us gleefully carry surveillance devices with us wherever we go, continuously transmitting information about our activities, conversations, locations, contacts and more. We may call them 'smartphones' but is that really a smart thing to do? Drug dealers and other criminals appreciate the value of burner phones, essentially buying a modicum of privacy. What about the rest of us? Are we wise to rely on the technologies, the phone companies and the authorities not to invade our privacy? Some of us are introducing IoT things into our homes, seduced by the convenience of being able to tell our smart TV to order a pizza without even getting up from the sofa. Evidently people either don't even consider the privacy implications, or accept them presumably on the basis that they own and chose to introduce the surveillance devices, and could just as easily stop and remove them (fine in theory, doesn't happen in practice).Then there are the surveillance devices we use to monitor, track or snoop on various others: baby monitors, nanny-cams, commercial and home CCTV systems, webcams, dashcams, audio bugs, covert cameras, spyware, keyloggers and more. Surveillance tech is big business, both retail, commercial and governmental/military. Need to know where a recent arrival from China has been? Simply collect the surveillance jigsaw pieces into a credible sequence and despatch the hazmat teams.Overt surveillance in the form of obvious CCTV camera installations are just the tip of the iceberg. Covert cams and bugs are already snooping on us in changing rooms, toilets, video-conference facilities, courts and mor |
Threat | Uber | |
 |
2019-12-11 14:00:00 | Google Cloud Platform security monitoring with USM Anywhere™ (lien direct) | According to a 2019 Cyber Security Report published by the International Information System Security Certification Consortium, 93 percent of organizations say they are concerned about cloud security and 28 percent admit to having experienced cloud security incidents during the past year. The reality is, most companies lack the specialized knowledge and skills needed to provide that customer data stored in the cloud is protected Cloud service providers (CSPs) do provide extra security layers, such as automating threat detection, with the intent of making their customers feel more confident in the security of the cloud. However, the number of cloud breaches that are being reported shows that CSPs and organizations alike continue to struggle with cloud security. Much of this is due to a lack of unified visibility not just in the cloud, but across an organization’s entire network, siloed teams and technologies, lack of threat intelligence, and partnerships with third-parties whose security controls are not up to snuff. To address these challenges, many in the industry are advocating for organizations to simplify and unify their security approach, i.e. bring as many controls as possible into a single solution in order to break down the silos between security teams and technologies and to give greater visibility across the organization. We at AT&T Cybersecurity help organizations to accomplish this with our Unified Security Management™ (USM) Anywhere platform. Of course, the effectiveness of any security solution is largely determined by the threat intelligence underpinning it. In any environment, we need to identify the common tactics, techniques, and procedures (TTPs) adversaries are using in their attacks. Below, we provide an overview of the latest threat intelligence from Alien Labs™ for Google Cloud Platform (GCP), which helps security practitioners to discover issues in their cloud workloads and detect adversaries exploiting attack vectors commonly seen in cloud environments. Google Cloud Platform integration in USM This summer, AT&T Cybersecurity launched the USM Anywhere™ integration with GCP. Through the USM Anywhere Alien App for GCP, USM can now consume all logging information managed by the Stackdriver utility in a configurable and intuitive way. Google Cloud Platform logs are provided through three major channels: Audit Logs. Record all events impacting objects within the environment. These logs are used to monitor any cloud assets, presenting a solid baseline for security detection. VPC Flow Logs. Half way between resource monitoring and cloud infrastructure security, these logs are the delights of NIDS enthusiasts. Firewall Logs. These help with auditing firewall rules events, and they are useful in detecting risky open ports and other configuration issues. In USM, these channels are processed by different plugins, which extract pieces of intelligence and map them to variables that are easy to steer into orchestration rules. The correlation engine allows for the combination of detections from different channels into a single orchestration rule, scaling GCP security to a new level. To prevent an intrusion from being recorded or triggering a notification, adversaries may try to disable audit logging once they get the necessary permissions. To protect against that, the product has out of the box correlation rules to generate an alert if any of the logging features is disabled. | Tool Threat Guideline | Uber | |
|
2019-10-09 15:17:25 | Quick Threat Model Links October 2019 (lien direct) | Trail of Bits released a threat model for Kubernetes. There’s some context from Aaron Small, who made the project happen. Continuum has a blog and a spreadsheet on threat modeling lambdas (as a category, not specific to Amazon Lambda), and also a post on threat modeling with CAPEC. Ntrepid has released a blog posts on… | Threat | Uber |
To see everything:
Our RSS (filtrered)
