Blog Posts
-
How to Secure Secrets in Multi-cloud Environments
It wasn’t too long ago that using a single cloud for some business operations was cutting-edge technology. Now the cloud is essential for accelerating growth, improving efficiency and remaining...
-
Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1
Everything started when I was researching Windows containers. It required installing Docker Desktop for Windows, and I couldn’t help but notice that there were many Docker processes. Since some of...
-
Three Ways to Reinforce Least Privilege with Identity Management
The definition of privilege is changing, and this changes everything. Identities of all types — not just IT team members, but any employees — are gaining access to sensitive data, infrastructure...
-
Identity Security: Bridging the Executive Confidence/Reality Gap
In recent years, cybersecurity has become a board-level issue resulting in several executives taking greater responsibility in cybersecurity-related decisions. As a result, the CISO is no longer a...
-
Why No User Should Have Local Admin Rights
The idea of removing local administrator rights from Every. Single. User. across your organization is likely to spark strong reactions. Search popular online forums for the phrase “remove local...
-
Inglourious Drivers – A Journey of Finding Vulnerabilities in Drivers
TL;DR I discovered multiple bugs in OEM vendors for peripheral devices, which affected many users of these OEM vendors (Razer, EVGA, MSI, AMI). Many of the vulnerabilities originated in a...
-
How Identity Security Addresses Key DoD Zero Trust Requirements
The U.S. Department of Defense (DoD) is going all in on Zero Trust. In late 2022, the Pentagon released its long-anticipated Zero Trust strategy and roadmap for migrating “trusted” perimeter-based...
-
Zero-Days in RGB Keyboards, Top DID Network Exposed at INTENT Threat Research Summit
Data breach headlines are daily reminders that cyberattackers keep innovating. While constant research to uncover threats and share crucial intelligence with defenders is far less visible, the...
-
Chatting Our Way Into Creating a Polymorphic Malware
Abstract ChatGPT took the world by storm being released less than two months ago, it has become prominent and is used everywhere, for a wide variety of tasks – from automation tasks to the...
-
CircleCI Breach Exposes Risk of Hard-coded Secrets
The recent CircleCI breach highlights the risk of storing secrets in places like private code repositories (GitHub), scripts, configuration files, files encrypted at rest, CI/CD pipeline code or...
-
Six Takeaways from Recent Ransomware Attacks
2022 ransomware attack learnings can inform 2023 cybersecurity strategies, helping organizations combat threats and reduce risk with greater confidence. The CyberArk 2022 Identity Security Threat...
-
Why Intelligent Privilege Controls Are Essential for Identity Security
“If we can control identity, we can stop most modern attacks. And if you control identity, then you control every perimeter, application, container – effectively every part of the environment.” –...
-
CyberArk Labs’ 2022 Threat Research in Review
Cyber defenders need timely, accurate threat intelligence to protect their organizations. This is what drives our CyberArk Labs team to produce innovative research, expose new attack methods and...
-
Trust Issues Podcast: A 2022 Cyber Episodes Replay
Since launching last spring, the CyberArk Trust Issues Podcast has covered a range of top-of-mind cybersecurity subjects. Whether you’re interested in CISO perspectives, cutting-edge threat...
-
Revisiting Major 2022 Breaches and Cybersecurity Events
Before we ring in the new year, we’re reflecting on some of the biggest cybersecurity events of 2022. It’s been a stressful 12 months for security teams, to say the least. Many open cybersecurity...
-
What I Learned from Analyzing a Caching Vulnerability in Istio
TL;DR Istio is an open-source service mash that can layer over applications. Studying CVE-2021-34824 in Istio will allow us to dive into some concepts of Istio and service meshes in general. We...
-
2023 Cybersecurity Trends We’re Tracking
Cybersecurity doesn’t happen in a vacuum. Evolving attack trends, world events, regulatory changes, shifting organizational priorities and many other factors influence enterprise programs. With...
-
Decentralized Identity Attack Surface – Part 2
Introduction This is the second part of our Decentralized Identity (DID) blog series. In case you’re not familiar with DID concepts, we highly encourage you to start with the first part. This time...
-
Latest Uber Breach Underscores Third-Party Vendor Security Challenges
Uber is back in the spotlight, this time for a breach involving a third-party vendor. According to reports, an attacker accessed the vendor organization’s public cloud backup server, obtaining and...
-
An Identity Security Approach to NIS2 Readiness
With its new and improved Network and Information Security Directive, NIS2, the European Union joins a growing list of governments around the world that are enacting stronger cybersecurity...
-
Loading More...