I had an unusually productive week here at SA. This is the rundown.
First and foremost is my analysis of Kubernetes and container security, which describes the landscape, the challenges, the opportunities for security vendors to fill the numerous gaps, and what else is going on here. There is a lot going on in this particular corner of the infosec universe, and I think you will find this piece interesting and helpful.
There were some shorter pieces that I also wrote:
- APIs have become popular for making authorization exploits easier and more prevalent.
- The EU is stepping into some controversial territory by adding a new regulation that would enable any government in its footprint to add compromised digital certs, making man-in-the-middle attacks easier. As you might imagine, many folks aren’t happy with this.
- Akamai has a new survey that shows the big benefits of network segmentation. While this shouldn’t surprise anyone who has been doing networking for the past five minutes, what is troubling is how infrequently IT admins actually segment their networks.
- New Iranian state-sponsored hacking campaigns also shouldn’t be newsworthy, except that they are getting more tenacious and better at their exploits.
- Russia is hard at work trying to reinvent the VirusTotal wheel so they can share their own exploits without having to let anyone outside of their cabal see what is going on.
- Here is my take on Biden’s latest AI-themed executive order. It might be tough to actually pull off, but it is a very detailed plan.
- The Citrix Bleed vulnerability is a nasty one and requires immediate patching of your NetScaler devices.
- Finally, Cisco Talos’ intel group figured out a new phishing scam that uses Google Forms’ quiz templates to collect email addresses. My guess is that Google will figure out a way to shut this stuff down.