Container Security, Securing our Software Future, Threat Modeling Medical Devices and more
Description
Exploring Container Security: A Storage Vulnerability Deep Dive - https://security.googleblog.com/2021/...
Recently, the GKE Security team discovered a high severity vulnerability that allowed workloads to have access to parts of the host file system outside the boundaries of the mounted volume. Remember, vulnerabilities can exist deep within the internals of Kubernetes.
Really Stupid “Smart Contract” Bug Let Hackers Steal $31 Million In Digital Coin - https://arstechnica.com/information-t...
An accounting error built into the company's software let an attacker inflate the MONO tokens price and then use it to cash out all the other deposited tokens, MonoX Finance revealed in a post. The haul amounted to $31 million worth of tokens on the Ethereum or Polygon blockchains, both of which are supported by the MonoX protocol. 
Thinking back, Looking forward – A Balanced Approach to Securing our Software Future - https://www.buzzsprout.com/1730684/88...
Keven Greene is the Director of Security Solutions at Parasoft and has extensive experience and expertise in software security, cyber research and development, and DevOps. He and Chris discussed software security from the past into the future. They cover how to make security easier for devs, SBOM, software minimalism, and so much more in this episode of the Application Security Podcast.
Security Metrics that Count - https://www.twilio.com/blog/security-...
Metrics can be challenging. Twilio uses security metrics to drive change within their organization, celebrate improvements over time to help better protect their customers, and measure their security program. 
Playbook for Threat Modeling Medical Devices - https://www.mitre.org/publications/te...
The "Playbook for Threat Modeling Medical Devices" was developed further to increase knowledge of threat modeling throughout the medical device ecosystem and strengthen the cybersecurity and safety of medical devices.







