All InfoSec / Cybersecurity News from Datadog Security Labs | allinfosecnews.com

Latest
Top

Container security fundamentals part 6: seccomp 2 weeks, 2 days ago | securitylabs.datadoghq.com

container containers container security defense +8

What's new for security in Kubernetes 1.28 1 month, 1 week ago | securitylabs.datadoghq.com

article beta beta release called +10

Datadog guide to Hacker Summer Camp 2023 1 month, 2 weeks ago | securitylabs.datadoghq.com

august back best practices camp +14

Container security fundamentals part 5: AppArmor and SELinux 1 month, 3 weeks ago | securitylabs.datadoghq.com

access access control apparmor beyond +14

No keys attached: Exploring GitHub-to-AWS keyless authentication flaws 2 months ago | securitylabs.datadoghq.com

access access management actions authentication +22

Misconfiguration Spotlight: Securing the EC2 Instance Metadata Service 3 months, 3 weeks ago | securitylabs.datadoghq.com

aws cloud cloud environments ec2 +11

Container security fundamentals part 4: Cgroups 4 months ago | securitylabs.datadoghq.com

access challenge container container security +17

Attacking and securing cloud identities in managed Kubernetes part 1: Amazon EKS 4 months, 1 week ago | securitylabs.datadoghq.com

access access management amazon attack +22

Ther OverlayFS vulnerability CVE-2023-0386: Overview, detection, and remediation 4 months, 2 weeks ago | securitylabs.datadoghq.com

cve detection escalation introduction +15

Introducing HASH: The HTTP Agnostic Software Honeypot framework 4 months, 3 weeks ago | securitylabs.datadoghq.com

challenges continue current emerging +18

An Adventure in Google Cloud threat detection 5 months ago | securitylabs.datadoghq.com

analysts arthur bad blog +17

Container security fundamentals part 3: Capabilities 5 months, 1 week ago | securitylabs.datadoghq.com

bash capabilities cases change +15

What's new for security in Kubernetes 1.27 5 months, 2 weeks ago | securitylabs.datadoghq.com

applications attacks container container security +19

Publicly shared RDS snapshot 5 months, 3 weeks ago | securitylabs.datadoghq.com

Publicly accessible SQS queue 5 months, 3 weeks ago | securitylabs.datadoghq.com

Stopping a CloudTrail trail 5 months, 3 weeks ago | securitylabs.datadoghq.com

Compromising AWS Console credentials 5 months, 3 weeks ago | securitylabs.datadoghq.com

aws console credentials

Publicly shared AMI 5 months, 3 weeks ago | securitylabs.datadoghq.com

Stealing EC2 instance credentials through the Instance Metadata Service 5 months, 3 weeks ago | securitylabs.datadoghq.com

credentials ec2 instance metadata +2

Stealing an RDS database by creating a snapshot and sharing it 5 months, 3 weeks ago | securitylabs.datadoghq.com

database rds sharing stealing

Creating a new IAM user 5 months, 3 weeks ago | securitylabs.datadoghq.com

Stealing an EBS snapshot by creating a snapshot and sharing it 5 months, 3 weeks ago | securitylabs.datadoghq.com

ebs sharing stealing

EC2 instance without IMDSv2 enforced 5 months, 3 weeks ago | securitylabs.datadoghq.com

Publicly shared EBS snapshot 5 months, 3 weeks ago | securitylabs.datadoghq.com

Usage of the root user 5 months, 3 weeks ago | securitylabs.datadoghq.com

Lambda function is publicly accessible through function URL 5 months, 3 weeks ago | securitylabs.datadoghq.com

function lambda url

Publicly accessible RDS instance 5 months, 3 weeks ago | securitylabs.datadoghq.com

Active root user access keys 5 months, 3 weeks ago | securitylabs.datadoghq.com

access access keys keys root

IAM user with Console access does not have MFA 5 months, 3 weeks ago | securitylabs.datadoghq.com

access console iam mfa

Publicly accessible SNS topic 5 months, 3 weeks ago | securitylabs.datadoghq.com

Public S3 bucket through bucket policy 5 months, 3 weeks ago | securitylabs.datadoghq.com

policy public s3 bucket

Public S3 bucket through bucket ACL 5 months, 3 weeks ago | securitylabs.datadoghq.com

acl public s3 bucket

Executing commands through EC2 user data 5 months, 3 weeks ago | securitylabs.datadoghq.com

data ec2 user data

Removing VPC flow logs 5 months, 3 weeks ago | securitylabs.datadoghq.com

flow flow logs logs vpc +1

IAM role can be assumed by anyone 5 months, 3 weeks ago | securitylabs.datadoghq.com

Security group exposes risky ports to the internet 5 months, 3 weeks ago | securitylabs.datadoghq.com

internet ports security

IAM user with old access keys 5 months, 3 weeks ago | securitylabs.datadoghq.com

access access keys iam keys +1

Launching EC2 instances 5 months, 3 weeks ago | securitylabs.datadoghq.com

Opening a security group to the Internet 5 months, 3 weeks ago | securitylabs.datadoghq.com

internet security

Identify and remediate common cloud risks with the Datadog Cloud Security Atlas 5 months, 4 weeks ago | securitylabs.datadoghq.com

atlas attack attacks aws +26

Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research 6 months, 1 week ago | securitylabs.datadoghq.com

actions api auditing aws +16

Container security fundamentals part 2: Isolation & namespaces 6 months, 2 weeks ago | securitylabs.datadoghq.com

container containers container security fundamentals +11

Container security fundamentals: Exploring containers as processes 7 months ago | securitylabs.datadoghq.com

complexity container containerization containers +16

Highlights from CloudNativeSecurityCon 7 months, 1 week ago | securitylabs.datadoghq.com

analysis bill cloud cloud-native +25

Announcing GuardDog 1.0, with npm support, new heuristics, and easier CI integration 7 months, 1 week ago | securitylabs.datadoghq.com

analysis features github head +19

Discovering a weakness that allowed to partially bypass the login rate limiting of the AWS … 7 months, 3 weeks ago | securitylabs.datadoghq.com

attacks authentication aws brute +15

AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass 8 months, 1 week ago | securitylabs.datadoghq.com

accounts administrators adversary api +24

Datadog Security Labs 2022 in review: Highlights from our inaugural year 8 months, 4 weeks ago | securitylabs.datadoghq.com

datadog labs review security +1

A retrospective on public cloud breaches of 2022, with Rami McCarthy and Houston Hopkins 9 months ago | securitylabs.datadoghq.com

breaches cloud cloud breaches houston +2

What's New for Security in Kubernetes 1.26 9 months, 3 weeks ago | securitylabs.datadoghq.com

kubernetes security what's new

Attacker persistence in Kubernetes using the TokenRequest API: Overview, detection, and prevention 9 months, 3 weeks ago | securitylabs.datadoghq.com

api detection kubernetes persistence +1

Investigating a backdoored PyPi package targeting FastAPI applications 10 months ago | securitylabs.datadoghq.com

applications fastapi package pypi +2

A Confused Deputy Vulnerability in AWS AppSync 10 months ago | securitylabs.datadoghq.com

appsync aws vulnerability

Finding malicious PyPI packages through static code analysis: Meet GuardDog 10 months, 1 week ago | securitylabs.datadoghq.com

analysis code code analysis malicious +3

The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation 10 months, 3 weeks ago | securitylabs.datadoghq.com

cve cve-2022-3602 detection exploitation +4

KubeHuddle: The first Scottish Kubernetes conference 11 months, 1 week ago | securitylabs.datadoghq.com

conference first kubernetes

Improving your AWS Security posture: Key Learnings from the State of AWS Security study 11 months, 2 weeks ago | securitylabs.datadoghq.com

aws key posture security +3

State of AWS Security in 2022: A Look Into Real-World AWS Environments 11 months, 3 weeks ago | securitylabs.datadoghq.com

aws environments security state +1

Highlights from BSides Zürich 11 months, 4 weeks ago | securitylabs.datadoghq.com

Highlights from Hacker Summer Camp 1 year ago | securitylabs.datadoghq.com

camp hacker hacker summer camp summer +1

Nothing found.

Items published with this topic over the last 90 days.

Latest

Container security fundamentals part 6: seccomp 2 weeks, 2 days ago | securitylabs.datadoghq.com

container containers container security defense +8

What's new for security in Kubernetes 1.28 1 month, 1 week ago | securitylabs.datadoghq.com

article beta beta release called +10

Datadog guide to Hacker Summer Camp 2023 1 month, 2 weeks ago | securitylabs.datadoghq.com

august back best practices camp +14

Container security fundamentals part 5: AppArmor and SELinux 1 month, 3 weeks ago | securitylabs.datadoghq.com

access access control apparmor beyond +14

No keys attached: Exploring GitHub-to-AWS keyless authentication flaws 2 months ago | securitylabs.datadoghq.com

access access management actions authentication +22

Misconfiguration Spotlight: Securing the EC2 Instance Metadata Service 3 months, 3 weeks ago | securitylabs.datadoghq.com

aws cloud cloud environments ec2 +11

Container security fundamentals part 4: Cgroups 4 months ago | securitylabs.datadoghq.com

access challenge container container security +17

Attacking and securing cloud identities in managed Kubernetes part 1: Amazon EKS 4 months, 1 week ago | securitylabs.datadoghq.com

access access management amazon attack +22

Ther OverlayFS vulnerability CVE-2023-0386: Overview, detection, and remediation 4 months, 2 weeks ago | securitylabs.datadoghq.com

cve detection escalation introduction +15

Introducing HASH: The HTTP Agnostic Software Honeypot framework 4 months, 3 weeks ago | securitylabs.datadoghq.com

challenges continue current emerging +18

An Adventure in Google Cloud threat detection 5 months ago | securitylabs.datadoghq.com

analysts arthur bad blog +17

Container security fundamentals part 3: Capabilities 5 months, 1 week ago | securitylabs.datadoghq.com

bash capabilities cases change +15

What's new for security in Kubernetes 1.27 5 months, 2 weeks ago | securitylabs.datadoghq.com

applications attacks container container security +19

Publicly shared RDS snapshot 5 months, 3 weeks ago | securitylabs.datadoghq.com

Publicly accessible SQS queue 5 months, 3 weeks ago | securitylabs.datadoghq.com

Stopping a CloudTrail trail 5 months, 3 weeks ago | securitylabs.datadoghq.com

Compromising AWS Console credentials 5 months, 3 weeks ago | securitylabs.datadoghq.com

aws console credentials

Publicly shared AMI 5 months, 3 weeks ago | securitylabs.datadoghq.com

Stealing EC2 instance credentials through the Instance Metadata Service 5 months, 3 weeks ago | securitylabs.datadoghq.com

credentials ec2 instance metadata +2

Stealing an RDS database by creating a snapshot and sharing it 5 months, 3 weeks ago | securitylabs.datadoghq.com

database rds sharing stealing

Creating a new IAM user 5 months, 3 weeks ago | securitylabs.datadoghq.com

Stealing an EBS snapshot by creating a snapshot and sharing it 5 months, 3 weeks ago | securitylabs.datadoghq.com

ebs sharing stealing

EC2 instance without IMDSv2 enforced 5 months, 3 weeks ago | securitylabs.datadoghq.com

Publicly shared EBS snapshot 5 months, 3 weeks ago | securitylabs.datadoghq.com

Usage of the root user 5 months, 3 weeks ago | securitylabs.datadoghq.com

Lambda function is publicly accessible through function URL 5 months, 3 weeks ago | securitylabs.datadoghq.com

function lambda url

Publicly accessible RDS instance 5 months, 3 weeks ago | securitylabs.datadoghq.com

Active root user access keys 5 months, 3 weeks ago | securitylabs.datadoghq.com

access access keys keys root

IAM user with Console access does not have MFA 5 months, 3 weeks ago | securitylabs.datadoghq.com

access console iam mfa

Publicly accessible SNS topic 5 months, 3 weeks ago | securitylabs.datadoghq.com

Public S3 bucket through bucket policy 5 months, 3 weeks ago | securitylabs.datadoghq.com

policy public s3 bucket

Public S3 bucket through bucket ACL 5 months, 3 weeks ago | securitylabs.datadoghq.com

acl public s3 bucket

Executing commands through EC2 user data 5 months, 3 weeks ago | securitylabs.datadoghq.com

data ec2 user data

Removing VPC flow logs 5 months, 3 weeks ago | securitylabs.datadoghq.com

flow flow logs logs vpc +1

IAM role can be assumed by anyone 5 months, 3 weeks ago | securitylabs.datadoghq.com

Security group exposes risky ports to the internet 5 months, 3 weeks ago | securitylabs.datadoghq.com

internet ports security

IAM user with old access keys 5 months, 3 weeks ago | securitylabs.datadoghq.com

access access keys iam keys +1

Launching EC2 instances 5 months, 3 weeks ago | securitylabs.datadoghq.com

Opening a security group to the Internet 5 months, 3 weeks ago | securitylabs.datadoghq.com

internet security

Identify and remediate common cloud risks with the Datadog Cloud Security Atlas 5 months, 4 weeks ago | securitylabs.datadoghq.com

atlas attack attacks aws +26

Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research 6 months, 1 week ago | securitylabs.datadoghq.com

actions api auditing aws +16

Container security fundamentals part 2: Isolation & namespaces 6 months, 2 weeks ago | securitylabs.datadoghq.com

container containers container security fundamentals +11

Container security fundamentals: Exploring containers as processes 7 months ago | securitylabs.datadoghq.com

complexity container containerization containers +16

Highlights from CloudNativeSecurityCon 7 months, 1 week ago | securitylabs.datadoghq.com

analysis bill cloud cloud-native +25

Announcing GuardDog 1.0, with npm support, new heuristics, and easier CI integration 7 months, 1 week ago | securitylabs.datadoghq.com

analysis features github head +19

Discovering a weakness that allowed to partially bypass the login rate limiting of the AWS … 7 months, 3 weeks ago | securitylabs.datadoghq.com

attacks authentication aws brute +15

AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass 8 months, 1 week ago | securitylabs.datadoghq.com

accounts administrators adversary api +24

Datadog Security Labs 2022 in review: Highlights from our inaugural year 8 months, 4 weeks ago | securitylabs.datadoghq.com

datadog labs review security +1

A retrospective on public cloud breaches of 2022, with Rami McCarthy and Houston Hopkins 9 months ago | securitylabs.datadoghq.com

breaches cloud cloud breaches houston +2

What's New for Security in Kubernetes 1.26 9 months, 3 weeks ago | securitylabs.datadoghq.com

kubernetes security what's new

Attacker persistence in Kubernetes using the TokenRequest API: Overview, detection, and prevention 9 months, 3 weeks ago | securitylabs.datadoghq.com

api detection kubernetes persistence +1

Investigating a backdoored PyPi package targeting FastAPI applications 10 months ago | securitylabs.datadoghq.com

applications fastapi package pypi +2

A Confused Deputy Vulnerability in AWS AppSync 10 months ago | securitylabs.datadoghq.com

appsync aws vulnerability

Finding malicious PyPI packages through static code analysis: Meet GuardDog 10 months, 1 week ago | securitylabs.datadoghq.com

analysis code code analysis malicious +3

The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation 10 months, 3 weeks ago | securitylabs.datadoghq.com

cve cve-2022-3602 detection exploitation +4

KubeHuddle: The first Scottish Kubernetes conference 11 months, 1 week ago | securitylabs.datadoghq.com

conference first kubernetes

Improving your AWS Security posture: Key Learnings from the State of AWS Security study 11 months, 2 weeks ago | securitylabs.datadoghq.com

aws key posture security +3

State of AWS Security in 2022: A Look Into Real-World AWS Environments 11 months, 3 weeks ago | securitylabs.datadoghq.com

aws environments security state +1

Highlights from BSides Zürich 11 months, 4 weeks ago | securitylabs.datadoghq.com

Highlights from Hacker Summer Camp 1 year ago | securitylabs.datadoghq.com

camp hacker hacker summer camp summer +1

Top (last 7 days)

Nothing found.

Business Information Security Officer

@ Metrolink | Los Angeles, CA

View on infosec-jobs.com

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City

View on infosec-jobs.com

Security Engineer

@ ChartMogul | Remote, EU

View on infosec-jobs.com

Elastic Consultant - EMEA

@ Elasticsearch | Germany

View on infosec-jobs.com

Software Development Engineer, Security

@ Binance | Romania, Bucharest

View on infosec-jobs.com

Digital Network Exploitation Analyst III

@ Aperio Global, LLC | Fort Meade, Maryland, United States

View on infosec-jobs.com