Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

In this article 1. Analyzing the Trivy supply chain compromise 2. Detection and investigation 3. Mitigation and protection guidance 4. Advanced hunting queries 5. References 6. Learn more On March 19, 2026, Trivy, Aqua Security’s widely used open-source vulnerability scanner, was reported to have...

Linux Distros Unpatched Vulnerability : CVE-2022-50341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only...

CVE-2022-50341

In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...

Simplifying Azure Cloud Security with Snapshot-Based Scans

As organizations increasingly move to the cloud, securing these dynamic and transient environments has become a critical challenge for security teams. Cloud deployments are inherently more fluid than traditional infrastructure, with resources constantly being spun up, modified, or decommissioned...

Scattered Spider: The Modus Operandi

Scattered Spider: The Modus Operandi By Trellix · August 17, 2023 This story was also written by Phelix Oluoch Executive Summary Scattered Spider, also referred to as UNC3944, Scatter Swine, and Muddled Libra, is a financially motivated threat actor group that has been active since May 2022...

WALinuxAgent bug fix update

An update for WALinuxAgent is now available in the Extras channel of Rocky Linux 8. The Windows Azure Linux Agent supports provisioning and running Linux virtual machines in the Microsoft Windows Azure cloud. Users of Windows Azure Linux Agent are advised to upgrade to this updated package. The...

New cloud-native breadth threat protection capabilities in Azure Defender

As the world adapts to working remotely, the threat landscape is constantly evolving, and security teams struggle to protect workloads with multiple solutions that are often not well integrated nor comprehensive enough. This results in serious threats avoiding detection, as well as security teams...

Microsoft Azure Government Cloud support

Challenge Direct Restore to Azure functionality does not support Microsoft Azure Government Cloud. Cause Microsoft Azure Government Cloud requires a different Azure environment configuration that Veeam Backup & Replication 9.5 Update 3 does not implement out of the box. Solution Please perform...