Latest Posts
HELO, Is It Me You’re Exploiting For?
Another month, another pre-auth RCE in Exim, an open source mail server for Unix systems. This time, it’s CVE-2019-16928, a heap-based buffer overflow reported this weekend. Why it matters: If …
Major Key Alert: Data Discovery for Red Teams with an ML Tool for Keylogging
With the glut of security vendors who promise to secure to the moon and back on the star-glazed spaceship of Machine Learning (ML) technology, where is the equivalent for red …
Read of “Major Key Alert: Data Discovery for Red Teams with an ML Tool for Keylogging”
How Capsule8 Approaches Linux Monitoring
We at Capsule8 have put a lot of thought into our product by thinking about what would make us most mad as hackers if we encountered it while attacking an …
Here’s How Capsule8 Protect Helps You Achieve HIPAA Compliance for Your Linux Production Environment
By the end of December 2018, the HHS Office for Civil Rights received notifications that a staggering 13 million healthcare records had been exposed. Even with strict HIPAA regulations in …
(Back) Slasher: RCE Horrors in Exim
Last week, a buffer overflow vuln, deemed CVE-2019-15846, was announced in Exim that allowed remote code execution (RCE) via a trailing backslash, perhaps like a blade-wielding ghost stalking you after …
Introducing Capsule8 Investigations
This week we announced Investigations, new functionality that enables cloud users to maintain a dedicated database just for security data without the cost or burden of having to set up …
Off to the PTraces
Yesterday, a privilege escalation bug in the ptrace syscall was made public by Jann Horn at Project Zero, deemed CVE-2019-13272. The culprit was broken permission and object lifetime handling by …
How Security Teams Can Learn to Stop Worrying and Love the OODA Loop
A well-loved military operational strategy is the OODA loop, a learning cycle that helps the operator gain an advantage against their opponent by responding with greater agility to unfolding events. …
Read of “How Security Teams Can Learn to Stop Worrying and Love the OODA Loop”
Customer Interview: Looker
With over 1700 industry-leading and innovative companies such as Sony, Amazon, IBM, Spotify, Etsy and Lyft trusting Looker’s data platform, Looker takes security seriously. The Looker Security Operations team, managed …