Experience Kubernetes OOM kills can be very frustrating. Why is my application struggling if I have plenty of CPU in the node? Managing Kubernetes pod resources can be a challenge. Many issues can arise, possibly due to an incorrect configuration of Kubernetes limits and requests. In this article, we will try to help you detect the most common i

Current Problem When working in an unknown network, some of the most important pieces of information to have are appraisals of current assets and information contained on them. This is important for any security professional, from tester to defender. Given the prevalence of Active Directory (AD) in most Windows environments, gaining a clear inventory of t

When TrustedSec first started, the vision was to build a team of amazing individuals that were passionate, dedicated, and focused on helping organizations fix the issues they face in cybersecurity. While we may have accomplished this, there’s always more to do. At TrustedSec, our mission to contribute to the industry and community has always remained strong.

Author: Ruud van Luijk Attacks need to have a form of communication with their victim machines, also known as Command and Control (C2) [1]. This can be in the form of a continuous connection or connect the victim machine directly. However, it’s convenient to have the victim machine connect to you. In other words: It has to communicate back. This blog describ

A staggering number of UC Browsers and mini Android apps of the same name may have been vulnerable to Man-in-the-middle or MiTM attacks. This happened when they downloaded an APK, Android Package Kit from an unauthorized or third-party server over insecure channels. Hackers can use MiTM to spy on the devices and change or intercept any communications. This

5 Major Cybersecurity Trends for 2020 January 8th, 2020 No Comments anti-phishing, Mobile Security, Online Safety, PC security, Ransomware, Uncategorized 2019 is gone and a new decade is in sight. 2020 is said to be a year that will bring on many ch

How to Protect Yourself (& your family) against Identity Theft During the Holidays December 24th, 2019 No Comments Holidays, identity theft, Mobile Security, Online Privacy, Online Safety, PC security, Uncategorized The holidays are a great tim

Kubernetes 1.17 is about to be released! This short-cycle release is focused on small improvements and house cleaning. There are implementation optimizations all over the place, new features like the promising topology aware routing, and improvements to the dual-stack support. Here is the list of what’s new in Kubernetes 1.17. This is what’s new in #

Every new user with a smashing new device will surely get a SIM card to get it working correctly as soon as possible. Depending on the SIM card being used, the new carrier would be handing over all his data automatically after configuration. And all it takes is a simple SMS that will plant malicious malware on your device without you noticing. The scheme is

byCharlotte WilliamsWe are looking for a student to join our team for a 12-month internship at our Abingdon, UK, headquarters.If you’re currently studying marketing, business or another relevant field, and have strong written, project management and organisational skills, we want you!As part of the Content Marketing internship, you’ll work on the Naked Secur

In this blog post you’ll learn how to set up image vulnerability scanning for AWS CodePipeline and AWS CodeBuild using Sysdig Secure DevOps Platform. AWS provides several tools for DevOps teams: CodeCommit for version control, CodeBuild for building and testing code, and CodeDeploy for automatic code deployment. The block on top of all these tools is

As an attacker, I frequently leverage LSASecrets to escalate privileges within the context of an ongoing compromise. Generally, the attack path is something like this: Gain Initial Foothold > Escalate to Limited User > Dump LSASecrets on Systems Where Credentials are Administrator A pretty slick way to identify targets to dump LSASecrets on is to

Google Cloud Run is a serverless compute platform that automatically scales your stateless containers. In this post we are going to showcase how to secure the entire lifecycle of your Cloud Run services. Sysdig provides a secure DevOps workflow for Cloud Run Platforms that embeds security, maximizes availability and validates compliance across the ser

Instagram is without doubts a leading social network of nowadays. Millions of people from all over the world are browsing trough its news feed daily, posting moments from their life, following other users, celebrities and stuff what interest them. With a huge rise of Instagram’s popularity, with hundreds of thousands daily active users, it’s a common thing t

Many Twitter users across the world got themselves in situation of losing their account password at least once in their lifetime. This problem may occur due to many reasons. One can simply forget or save their password somewhere safe, and after some time you can’t remember it. Some Twitter accounts are also getting hacked and lost forever. In most situation