CyberSecNews Weekly - 0x23-W1522
News
- KA-SAT Network cyber attack overview
  Viasat is providing an overview and incident report on the cyber-attack against the KA-SAT network, which occurred on 24 February 2022, and resulted in a partial interruption of KA-SAT's consumer-oriented satellite broadband service.
- New Spring4Shell Zero-Day Vulnerability Confirmed: What it is and how to be prepared
  On March 29, 2022, a Chinese cybersecurity research firm leaked an attack that could impact most enterprise Java applications globally. An investigation of the issue showed that the root cause was a vulnerability in the open-source programming framework called Spring Core. The Contrast Security Labs team confirmed the zero-day vulnerability, Spring4Shell, which could be the source of Remote Code Execution (RCE).
- Countering threats from North Korea
  On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609.
Tool
Articles
Tutorial
- What to look for when reviewing a company's infrastructure
  A comprehensive guide that provides a structured approach to reviewing the security architecture of a multi-cloud SaaS company and finding its most critical components.
- Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer – Sysdig
  Sysdig has released binaries that allow us to collect Okta events and use Falco OOTB rules to detect suspicious activity.
- Digital Forensics Basics: A Practical Guide for Kubernetes DFIR
  We covered the basic best practices to perform DFIR in a Kubernetes cluster. We also simulated how to inspect and respond to a breach.