Background:
The Linux kernel lockdown mode was introduced in Linux kernel version 5.4. Its purpose is to help protect the kernel from actions that could compromise the confidentiality or integrity of [...]
Background:
As we continue our journey into the mechanisms of kernel protection toolsets and monitoring, let's focus on our next candidate: SLUB. In simple terms, SLUB (the Unqueued Slab Allocator) [...]
Background:
As we continue our discovery of Linux kernel protection mechanisms, we should also look at the built-in capability called Kernel Address Space Layout Randomization (KASLR). KASLR's [...]
Background:
In our previous article, I described one method to prevent or monitor harmful activities that can be carried out against the Linux kernel, focusing on the research of SELinux [...]
Background:
Today, the industry already provides the capability to use dedicated scanners for Docker images and containers. However, what if you do not have the budget to acquire such tools? In this [...]
Background:
ClickFix or FakeCaptcha attacks have become a common component of many attack campaigns. These techniques enable threat actors, with the user's unwitting assistance, to execute arbitrary [...]
Background:
Based on well-known practices and yearly reviews over the infosec industry channels, a significant part of incidents occurring in the cloud are primarily caused by misconfigurations of [...]
Background:
I came across an interesting method that highlights why integrating Threat Intelligence, Official Recommendations, and LLMs can create a more robust perimeter to combat threats like [...]
Background:
It's no surprise that even security tools require maintenance, especially when scaling. Based on your chosen strategy, security detection engineers should review their environment every [...]