Security and FUD Leftovers

posted by Roy Schestowitz on Sep 07, 2022,
updated Sep 08, 2022

• Essential Guide to Securing Node.JS Applications

• To Protect Cloud-Native APIs, Avoid Overly Permissive States - Container Journal

  APIs are now foundational to how modern applications are built: Using microservices and containers and running on platforms like Kubernetes. They’re the standard mechanism to integrate internal components or expose functionality to partners. APIs have also risen in ubiquity alongside microservices architecture, providing a common way to incrementally develop, scale and reuse specialized cloud-native functionality.

  But along with this newfound ubiquity, API attacks are surging. Malicious API traffic saw a staggering 117% increase in the past year, according to Salt Labs’ State of API Security Report, Q3 2022. This is partly due to the sheer number of APIs being produced. While some of these encompass public products, the majority are internal-facing services, the 2022 Postman State of the API Report finds.

  I recently chatted with John Morello, VP of product, Palo Alto Networks, to gather insights on how to best protect cloud-native applications and APIs. According to Morello, APIs are prone to data overexposure and require more modern analysis techniques to validate traffic. Furthermore, he believes IT security requires unified management across clouds—more holistic visibility and control can help correlate issues across various toolsets.

• Albania attributes cyberattack to Iran. TikTok denies breach. New Linux malware. [Ed: Trying hard to associate "Linux" with malware even when Linux itself isn't to blame but something else; Windows gets ignored in such contexts, it does not get named]

• This stealthy Linux malware starts off small but gradually takes control [Ed: Microsoft-sponsored ZDNet does the same]

Another one now.

• New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices

  A new piece of stealthy Linux malware called Shikitega has been uncovered adopting a multi-stage infection chain to compromise endpoints and IoT devices and deposit additional payloads.

  "An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist," AT&T Alien Labs said in a new report published Tuesday.

A couple more now.

• Schools warned of increased threat of cyberattacks [iophk: Windows TCO]

  The advisory came after the Los Angeles Unified School District (LAUSD) announced it had experienced a ransomware attack over the weekend.