Cloud Security

Discover Cloud Security News

Rust-Based Edera: Locking Down Container Security Once and For All

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine this new, innovative approach to container security, which could be a game-changer in the industry!

Brittany Day
Apr 12, 2024

Docker, Hadoop, Confluence, Redis at Risk of New Cryptomining Attack

A recent attack campaign targeted publicly accessible Docker, Hadoop, Confluence, and Redis deployments. The attackers exploited misconfigurations and known vulnerabilities to implant cryptominers on compromised systems. As Linux admins, infosec professionals, Internet security enthusiasts, and sysadmins, it is crucial to understand the implications of this attack and take appropriate measures to protect our systems.

Brittany Day
Mar 08, 2024

8220 Hacker Group Targets Cloud Systems To Mine Crypto

A recent increase in attacks has been observed from the 8220 Gang, a cybercriminal group from China. The group has become notorious for infiltrating cloud-based infrastructure and exploiting vulnerabilities to mine cryptocurrency from Linux and Windows users.

Brittany Day
Feb 27, 2024

8.Locks HexConnections CodeGlobe Esm H200

How Seccomp Profiles Can Improve Kubernetes Security

Seccomp, which comes from "secure computing mode," is a built-in security feature in the Linux kernel that limits the system calls a process can make. Seccomp profiles in Kubernetes help minimize attack surfaces and prevent malicious code execution.

Brittany Day
Feb 22, 2024

How eBPF Can Help IT Teams Improve Security & Observability

There are various advantages of using Extended Berkeley Packet Filter (eBPF), a Linux kernel technology, to enhance observability and improve security in IT operations. Efficient data collection is critical, and traditional observability tools are limited in this regard.

Anthony Pell
Feb 13, 2024

Kubernetes Security Best Practices for 2024

The dynamic Kubernetes security landscape has given rise to several trends shaping how organizations approach this increasingly critical area. The aim of Kubernetes security is to prevent unauthorized access, foster data privacy, and protect the integrity of a Kubernetes environment. Robust Kubernetes security requires a defense-in-depth approach, including measures such as access control, network policies, resource isolation, and security context. Let's explore best practices you can implement to secure your Kubernetes clusters and the workloads and data running within them in 2024.

Anthony Pell
Feb 03, 2024

Are You Looking for Linux Vulnerabilities in the Right Places?

Scanning for vulnerabilities in the right places is critically important in securing your Linux environment. While vulnerability scanning initially involved scanning Linux hosts, it has since shifted to scrutinizing container images. However, in the world of vulnerability management, we often focus on scanning images in registries and CI/CD processes but forget to monitor vulnerabilities where it really matters: container images that are actually running.

Dave Wreski
Jan 21, 2024

Unleashing the Power of LOKI: Linux, OpenStack and Kubernetes Infrastructure

The LOKI stack is a powerful infrastructure that combines Linux, OpenStack, and Kubernetes in the ever-changing landscape of cloud infrastructure. OpenStack reports that Kubernetes was now used on more than 85% of OpenStack installations, indicating how these technologies are becoming increasingly integrated, as opposed to the idea of either-or choices.

Brittany Day
Jan 13, 2024

20.Lock AbstractDigital Circular Esm H200

What Is eBPF? The Ultimate Guide

eBPF stands for extended Berkeley Packet Filters, which are a way of running programs on network interfaces. There are two types of BPF: classic and extended. Classic BPFs were introduced in Linux 2.6.25, while extended BPFs were introduced with Linux 4.0 (2010), allowing for more functionality than classic BPFs.

Brittany Day
Dec 26, 2023

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

This article from The Hacker News presents a nerve-racking revelation about how cyber threat actors are adapting to the evolving digital landscape.

Brittany Day
Nov 21, 2023

Kubernetes Security on AWS: A Practical Guide

Kubernetes security is safeguarding your Kubernetes clusters, the applications they host, and the infrastructure they rely on from threats. As a container orchestration platform, Kubernetes is incredibly powerful but presents a broad attack surface for potential adversaries.

Brittany Day
Nov 18, 2023

eBPF Offers a New Way to Secure Cloud Native Systems

Security providers are using eBPF for observability to prevent attacks, detect and remediate high-priority vulnerabilities (and to distinguish between severe and less severe vulnerabilities), to detect suspicious activity and other uses.

Brittany Day
Oct 25, 2023

A Holistic Approach to Closing the Container Security Gap

Among cloud developers, Kubernetes is now a widely used platform. It's not immune to security incidents, however, and these can lead to loss of revenue or customers.

Brittany Day
Aug 25, 2023

Threat Actors Use AWS SSM Agent as a Remote Access Trojan

Threat actors have been observed using Amazon Web Services (AWS) 's System Manager (SSM) agent as a Remote Access Trojan (RAT) on Linux and Windows machines.

Brittany Day
Aug 03, 2023

Cilium 1.14 Expands Networking Beyond Kubernetes, Offers Higher Speeds

Cilium, an open-source networking, security and observability project, has released version 1.14 with an array of connectivity, security and observability updates. The Cilium 1.14 update also introduces new mesh capabilities, high-speed networking and security enhancements.

Brittany Day
Jul 29, 2023

Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining

A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal.

Brittany Day
Jul 12, 2023

What eBPF Means for Container Threat Detection

With eBPF monitoring container activity from the kernel layer, many of the challenges associated with observability in the cloud are solved.

Brittany Day
May 06, 2023

14 Kubernetes and Cloud Security Challenges and How to Solve Them

A recent report entitled Cloud Native and Kubernetes Security Predictions 2023 underscores the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets.

Brittany Day
May 06, 2023

Kubernetes vs. Docker: Exploring the Synergy in Containerization

Learn about the advantages of using Kubernetes and Docker together, including enhanced security. "Kubernetes and Docker offer security features such as network isolation, access controls, and image signing. These features help secure containerized applications and protect sensitive data."

Brittany Day
Apr 10, 2023

Kubernetes Architecture and its Security

Kubernetes is an open-source container orchestration platform that provides an efficient and scalable way to manage containerized workloads and services. The platform is based on a distributed architecture that enables it to manage and scale containerized applications across multiple nodes in a cluster. It plays a vital role in ensuring data security in containerized environments, providing "multiple layers of security measures" to protect the data.

Brittany Day
Apr 10, 2023

Rust-Based Edera: Locking Down Container Security Once and For All

Docker, Hadoop, Confluence, Redis at Risk of New Cryptomining Attack

8220 Hacker Group Targets Cloud Systems To Mine Crypto

Discover Cloud Security News

Rust-Based Edera: Locking Down Container Security Once and For All

Docker, Hadoop, Confluence, Redis at Risk of New Cryptomining Attack

8220 Hacker Group Targets Cloud Systems To Mine Crypto

How Seccomp Profiles Can Improve Kubernetes Security

How eBPF Can Help IT Teams Improve Security & Observability

Kubernetes Security Best Practices for 2024

Are You Looking for Linux Vulnerabilities in the Right Places?

Unleashing the Power of LOKI: Linux, OpenStack and Kubernetes Infrastructure

What Is eBPF? The Ultimate Guide

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

Kubernetes Security on AWS: A Practical Guide

eBPF Offers a New Way to Secure Cloud Native Systems

A Holistic Approach to Closing the Container Security Gap

Threat Actors Use AWS SSM Agent as a Remote Access Trojan

Cilium 1.14 Expands Networking Beyond Kubernetes, Offers Higher Speeds

Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining

What eBPF Means for Container Threat Detection

14 Kubernetes and Cloud Security Challenges and How to Solve Them

Kubernetes vs. Docker: Exploring the Synergy in Containerization

Kubernetes Architecture and its Security

LinuxSecurity Poll

How did you hear about LinuxSecurity.com?

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By