Stronger Cloud Security in Azure Functions Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions. Read More HERE…
Trend Micro Research : Cloud
Security Risks in Logistics APIs Used by E-Commerce Platforms
Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and consumers. Read More HERE…
Security Breaks: TeamTNT’s DockerHub Credentials Leak
One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in September 2022. Read More HERE…
How Malicious Actors Abuse Native Linux Tools in Attacks
Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to launch attacks on Linux environments. In this blog entry, we discuss how these utilities were used and provide recommendations on how to minimize their impact. Read More HERE…
Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques
We analyzed the Distroless technique for reducing the size of container images and explored its capabilities to address security concerns. We provide an alternative approach to Distroless that reduces the attack surface for malicious actors targeting cloud-native applications while optimizing cloud resources. Read More HERE…
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report
This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.” Read More HERE…
Analyzing the Hidden Danger of Environment Variables for Keeping Secrets
While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows. Read More HERE…
Protecting S3 from Malware: The Cold Hard Truth
Cloud object storage is a core component of any modern application, but most cloud file storage security is insufficient. Read More HERE…
What Exposed OPA Servers Can Tell You About Your Applications
This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security. Read More HERE…
Improve Threat Detection & Response with OCSF
New open source initiative helping organizations to detect and respond to cyber-attacks faster and easier Read More HERE…