General

Intrusion Detection / Intrusion Prevention Systems (IDS/IPS) play an essential role in cybersecurity by detecting and blocking threats that have penetrated endpoint and perimeter defenses.
Open-source Suricata is one of the most widely deployed IDS/IPS, developed and maintained by the Open Information Security Foundation (OISF), a community-run non-profit foundation. It is used by enterprises and public organizations to protect networks, by consultants to provide cybersecurity services, and by vendors who build more comprehensive commercial cybersecurity solutions on top of Suricata.

The use of telehealth has grown by leaps and bounds since the arrival of COVID-19. The pandemic made many in the medical profession realize that not everyone has the ability to leave their home to get quality care. The good news is that the tech has evolved greatly during this time, and now you can do just about everything from discussing symptoms to getting a prescription filled over the computer.
However, as with anything digital, there is a risk of cybercrime. Hackers can breach telehealth platforms and listen in on your conversations or steal the information that you input during the consultation. As a patient, it is your right to be protected, so we have some advice about your rights and how to be smart when accessing telehealth platforms.

Monitoring and observability are essential for Kubernetes runtime security, i.e., protection of containers (or pods) against active threats once the containers are running.
Monitoring is a predefined set of measurements in a system that are employed to detect the deviations from a normal range. Kubernetes can monitor a variety of data types (Pod logs, Network flow logs, Application flow logs and Audit logs) and metrics (Connections per second, Packets per second, Application requests per second and CPU and memory utilization). These logs and metrics are utilized to identify known failures and provide detailed information to resolve the issue.

The retail sector is rapidly digitizing. As consumers push for seamless online experiences, many retailers have embraced an omnichannel approach to marketing and sales. Retailers are considered omnichannel when they incorporate several different methods of shopping such as an online shop, a physical store and excepting phone sales. While this shift has many business advantages, data security for omnichannel retailers often falls short — and retail cyber attacks grow.
Omnichannel strategies aim to provide a consistent experience across in-store, social media and online shop interactions on all devices. Businesses employing them retain 89% of their customers, so omnichannel is quickly becoming the norm. However, these strategies’ cybersecurity challenges become more concerning as retail data security issues rise.

There are several possible routes to attacking a containerized deployment, and one way to map them is to think of the potential attack vectors at each stage of a container’s life cycle.
The life cycle starts with the application code written by a developer. This code, as well as the third-party dependencies on which it relies, may contain flaws known as vulnerabilities. There are thousands of vulnerabilities that have been published, and if they exist in an application, an attacker may have the ability to exploit them. Examples of vulnerabilities are secret exposure and application (including CNF microservices) traffic in plane text, which can be intercepted and altered.

This article comprises three parts. We first introduce what a cloud native platform is with a deep dive into Kubernetes (K8s), which is the most popular open-source solution to container orchestration. Then, we discuss the threat landscape and overall security framework for mitigating the corresponding risks. The last part of the article focuses on monitoring and observability using the extended Berkeley Packet Filter (eBPF) technology.