Kubernetes Security: Lateral Movement Detection and Defense

What is Lateral Movement?

Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in sophisticated cyber-attacks such as advanced persistent threats (APTs). An adversary uses these techniques to access other hosts from a compromised system and get access to sensitive resources, such as mail systems, shared folders, and legitimate credentials, ultimately gaining access to the identified target. Lateral movement techniques enable a threat actor to avoid detection and retain access over an extended dwell time of weeks, or even months, after the initial breach.

What are the Stages of Lateral Movement?

There are three primary stages of lateral movement: reconnaissance, credential/privilege gathering, and gaining access to other resources in the network.

How Does an Adversary Gain Unauthorized Access to a Kubernetes Cluster?

In a Kubernetes cluster, an attacker will gain initial access by compromising a pod. Once the pod is compromised, there are three main areas where the attacker can begin reconnaissance and move through the lateral movement stages to learn more about the cluster: the cloud provider metadata service, the pod networking and ...

GitLab Acquires Peach Tech and Fuzzit to Expand its DevSecOps Offering

GitLab has acquired Peach Tech, a security software firm specializing in protocol fuzz testing and...


© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

SD-WAN an Enterprise Favorite for Securing the Cloud

Of those surveyed, 74% reported they had deployed or plan to deploy SD-WAN to secure cloud workloads.


Cradlepoint Partners With Rigado to Deliver a Safe Workplace Solution Using NetCloud Edge Containers and Built on Microsoft Azure

Cradlepoint announced that Rigado joined its Technology Alliance Partner program to build a Safe...


How to backup essential data but not the garbage

Something as simple as how you tell your backup product which files and databases to back up can have a massive impact on your recoverability. Proper backup selection is essentially a balance between ensuring that everything that should be backed up is indeed backed up, while also trying not to back up worthless data.

Physical server inclusion

Virtually all backup products require some initial installation and configuration at the level of a physical server. This means that for any of the tactics mentioned in this article to work, one must first install the appropriate software and authorization on each physical server in the data center. This means every VMware or Hyper-V server (not to be confused with each VM on those servers), every physical UNIX or Windows server, and any cloud services that are being backed up. Someone must make that initial connection and authentication before the backup system can perform its magic.

Daily Roundup: Amazon Won’t Sell Facial Recognition to Police

Amazon said it wouldn't sell facial recognition to police; Nokia mellowed its 5G outlook for 2020;...


Microsoft Joins Amazon, IBM With Facial Recognition Ban

Company President Brad Smith said it does not sell that technology today and is in favor of a...


Juniper CTO Dishes Edge Cloud Strategy

Open RAN and the rise of 5G present an opportunity for Juniper to play in a market it hasn’t...


Sponsored Post: StackHawk, InterviewCamp.io, Educative, Triplebyte, Stream, Fauna

Who’s Hiring? 

  • InterviewCamp.io has hours of system design content. They also do live system design discussions every week. They break down interview prep into fundamental building blocks. Try out their platform.
  • Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.
  • Need excellent people? Advertise your job here! 

Cool Products and Services

  • Developers care about shipping secure applications. Application security products and processes, however, have not kept up with advances in software development. There is a new breed of tools hitting the market that enable developers to take the lead on AppSec. Learn how engineering teams are using products like StackHawk and Snyk to add security bug testing to their CI pipelines.
  • Learn the stuff they don’t teach you in the AWS docs. Filter out the distracting hype, and focus on the parts of AWS that you’d be foolish not to use. Learn the Good Parts of AWS. Created by former senior-level AWS engineers of 15 years.
  • Stateful JavaScript Apps. Effortlessly add state to your JavaScript apps with FaunaDB. Generous free tier. Try ...

Google Taps Telefónica for Telco Cloud Edge Expansion

The deal includes Google opening a new cloud region in Spain and Telefónica using Google Cloud’s...


SonicWall Adds SD-Branch Functionality, Switches

The SD-branch capabilities will enable customers to remotely provision and manage branch...


Containerize Your Go Developer Environment – Part 1

When joining a development team, it takes some time to become productive. This is usually a combination of learning the code base and getting your environment set up. Often there will be an onboarding document of some sort for setting up your environment, but in my experience, this is never up to date and you always have to ask someone for help with what tools are needed.

This problem continues as you spend more time in the team. You’ll find issues because the version of the tool you’re using is different to that used by someone on your team, or, worse, the CI. I’ve been on more than one team where “works on my machine” has been exclaimed or written in all caps on Slack, and I’ve spent a lot of time debugging things on the CI, which is incredibly painful.

Many people use Docker as a way to run application dependencies, like databases, while they’re developing locally and for containerizing their production applications. Docker is also a great tool for defining your development environment in code to ensure that your team members and the CI are all using the same set of tools.

We do a lot of Go development ...

Amazon Stops Selling Police Its Facial Recognition Tech

“We’ve advocated that governments should put in place stronger regulations to govern the...


Tech Bytes: Solving Common Network Issues With Apstra’s Intent-Based Networking (Sponsored)

Today's Tech Byte episode, sponsored by Apstra, delves into solving common network problems with Intent-Based Networking (IBN), including how a customer used Apstra AOS to troubleshoot an EVPN issue. Our Apstra guests are Sean Hafeez, VP of Product Management; and Jeff Tantsura, Head of Networking Strategy.

The post Tech Bytes: Solving Common Network Issues With Apstra’s Intent-Based Networking (Sponsored) appeared first on Packet Pushers.

Project Galileo’s 6th year Anniversary: The Impact of COVID-19 on the most vulnerable groups on the Internet


Consistent with our mission to “help build a better Internet,” Cloudflare believes that one of the most important roles for the Internet is to empower marginalized voices that may not be heard, or bring together oppressed groups of people that may otherwise find themselves isolated and alone. Six years ago, Cloudflare started Project Galileo to provide free services to vulnerable nonprofits, journalism and independent media voices online who might otherwise be in danger of being silenced by cyberattacks. Much has changed in the past couple of months as the COVID-19 pandemic has transformed the world while the United States faces a wave of protests addressing racial violence and inequality. These events have put further strain on vulnerable groups working in these spaces, and we have seen many organizations step up to ensure that those who are most affected by these circumstances are protected. At Cloudflare, we believe that protecting these groups from attack is essential to helping build a better Internet.

We are excited to mark the 6th anniversary of the project this month, and it is a good time for us to reflect, talk to participants, and see how the Project has grown and changed over the course of ...

Example: Fully-Automated AWS Network Infrastructure Deployment

Regular readers of my blog probably remember the detailed explanations Erik Auerswald creates while solving hands-on exercises from our Networking in Public Cloud Deployments online course (previous ones: create a virtual network, deploy a web server).

This time he documented the process he went through to develop a Terraform configuration file that deploys full-blown AWS networking infrastructure (VPC, subnets, Internet gateway, route tables, security groups) and multiple servers, including an SSH bastion host. You’ll also see what he found out when he used Elastic Network Interfaces (spoiler: routing on multi-interface hosts is tough).