Blog

The widespread adoption of AI introduces unique security considerations. Misconfigurations in AI infrastructure and unsecured APIs can create weaknesses that cybercriminals will exploit. In this blog post, we dive deep into how SentinelOne’s agentless AI Security Posture Management (AI-SPM) solution addresses these challenges by offering AI inventory automation, misconfiguration detection, and attack path analysis to […]

The Good | Extortionist Sentenced to 10 Years For Cybercrimes Against U.S. Medical Clinics This week, the FBI sentenced Robert Purbeck to 10 years in prison for stealing personal data from over 132,000 individuals across 19 U.S. organizations. Purbeck is also known as “Lifelock” and “Studmaster” online and has been carrying out cybercrimes and extortion

As serverless computing continues to revolutionize the cloud landscape, AWS Lambda has emerged as a pivotal service, offering a Function-as-a-Service (FaaS) model that allows developers to focus solely on code while AWS manages the underlying infrastructure. This shift towards serverless architectures brings new security challenges and considerations that security researchers and professionals must understand and

The Good | Police Seize Infostealer Malware Operations & Charge Suspected Administrator Executing “Operation Magnus”, Dutch National Police this week joined forces with international law enforcement groups to disrupt the network infrastructure for Redline and Meta infostealer malware. Considered popular tools on platforms like Telegram, Redline and Meta are commonly used by attackers to steal

In this blog post, we take the concepts from Climbing The Ladder | Kubernetes Privilege Escalation (Part 1), which examined privilege escalation in Kubernetes environments and the danger of system pods, and now take a deep dive by analyzing an explicit use case. Part 2 of this series explores how a chain of misconfigurations in

The Good | CISA Safety Proposal Set to Protect U.S. Data & Recovery Tool for Mallox Ransomware Published Following President Biden’s Executive Order 14117, signed earlier in the year, CISA has proposed new security measures to prevent adversary nations from accessing sensitive personal and government-related data across the U.S. The proposal is aimed at organizations

Kubernetes (K8s) has become an integral part of cloud-native environments, offering powerful container orchestration capabilities that enable organizations to deploy, manage, and scale applications efficiently. However, as Kubernetes adoption grows, so does its attractiveness as a target for attackers. This is the first Attack post within our new Cloud & Container – Attack & Defend

Last week, researchers at Trend Micro published a report on a macOS malware sample that had credible file locking and data exfiltration capabilities and masqueraded as LockBit ransomware on successful encryption of a user’s files. Until now, ransomware threats for Mac computers had been at best ‘proof of concept’ and at worst entirely incapable of

Imagine a customer walking into your retail location and effortlessly connecting to fast, secure Wi-Fi on their phone. Instantly, their app engages them with tailored location-specific information like available coupons and new products, based on personal preferences and buying behavior. When they’re ready to check out, they skip the register and leave without the wait

The Good | DoJ Unseals Indictment Against Notorious ‘Anonymous Sudan’ DDoS Operators An unsealed indictment charged two brothers with operating the hacktivist group ‘Anonymous Sudan’, responsible for over 35,000 Distributed Denial of Service (DDoS) attacks globally. DDoS attacks work by flooding a target’s systems, usually via botnet, to send high levels of traffic and cause