This week's articles
Hunting Adversarial Cloudflared Instances
Ransomware affiliates have long since abused Cloudflared tunnels to maintain persistent access to compromised environments. These tunnels can be utilized as a strong indicator of compromise when examined at-scale.
#attack
#cloudflare
#monitor
Google Spoofed Via DKIM Replay Attack
Learn how a convincing Google spoof used a DKIM replay attack to bypass email security and trick users with a fake subpoena. A real-world phishing example you need to see.
#attack
#gsuite
Salesforce Connected Apps: Navigating NHI Security Risks and Best Practices
Salesforce security sits in this weird no-man's-land. It's not clearly IT's job, not entirely the security team's responsibility, and sometimes falls partly on the Sales Ops roles in the business units themselves. Figuring out who truly "owns" permission management can turn into a serious headache.
#iam
#saas
How Out-of-the-Box Helm Charts Can Breach Your Cluster
While these plug-and-play options greatly simplify the setup process, they often prioritize ease of use over security. As a result, a large number of applications end up being deployed in a misconfigured state by default, exposing sensitive data, cloud resources, or even the entire environment to attackers.
#attack
#kubernetes
|