Latest Posts
Applying the Linux MITRE ATT&CK Framework with Capsule8
The MITRE ATT&CK™ framework is becoming increasingly adopted as a way to validate detection coverage. If you aren’t yet familiar with it, ATT&CK is an open-source knowledge base of tactics …
Read of “Applying the Linux MITRE ATT&CK Framework with Capsule8”
Our 2020 Security Predictions Clickbait Will Leave You SHOOK!
Prediction lists in the security industry are mostly self-indulgent fan fiction, so we decided to create an anti-meme in response. Rather than spin tall tales about drones using lasers to …
Read of “Our 2020 Security Predictions Clickbait Will Leave You SHOOK!”
OOMyPod: Nothin’ To CRI-O-bout
Gather around the fire for a story about the unlikely partnership of bugs that led to a partial container escape. While this is a fairly technical post covering some container …
Don’t Get Kicked Out! A Tale of Rootkits and Other Backdoors
Introduction When it comes to rootkits and other backdoors, everything is on the table. There exists a vulnerability that can be exploited in a system binary to gain root access? …
Read of “Don’t Get Kicked Out! A Tale of Rootkits and Other Backdoors”
The Curious Case of a Kibana Compromise
The sun rose, coffee was guzzled, and fingers clicked away at keys, making it a typical day at Capsule8 HQ – until it wasn’t. As the Capsule8 team deployed one …
An Infosec Lens on the 2019 State of DevOps Report: What It Means for Us
Understanding DevOps trends is essential for infosec professionals. Before you angrily close the tab because you are tired of lectures about the need for infosec to work with DevOps, consider …
Read of “An Infosec Lens on the 2019 State of DevOps Report: What It Means for Us”
HELO, Is It Me You’re Exploiting For?
Another month, another pre-auth RCE in Exim, an open source mail server for Unix systems. This time, it’s CVE-2019-16928, a heap-based buffer overflow reported this weekend. Why it matters: If …
Major Key Alert: Data Discovery for Red Teams with an ML Tool for Keylogging
With the glut of security vendors who promise to secure to the moon and back on the star-glazed spaceship of Machine Learning (ML) technology, where is the equivalent for red …
Read of “Major Key Alert: Data Discovery for Red Teams with an ML Tool for Keylogging”
How Capsule8 Approaches Linux Monitoring
We at Capsule8 have put a lot of thought into our product by thinking about what would make us most mad as hackers if we encountered it while attacking an …