Tagged articles
10 articles
Black & White Path
May 15, 2026 · Information Security

Twin Brothers Delete 96 Government Databases – A Privileged‑Account Failure Case Study

In 2025, twin brothers with prior cyber‑crime convictions exploited a privileged‑account gap at a federal‑service contractor, erased 96 government databases within six minutes, used AI to seek log‑clearing methods, and triggered a multi‑layered forensic and legal response that highlights critical gaps in identity‑access management, backup integrity, and insider‑threat detection.

AI-assisted attack · MITRE ATT&CK · database deletion
13 min read
Bilibili Tech
Apr 18, 2023 · Cloud Native

Kubernetes Audit Log Analysis for Container Security

The article explains how to enable Kubernetes audit logging and use its detailed fields—such as userAgent, responseStatus, requestURI, and object references—to detect CDK‑generated attacks and other threats like CVE‑2022‑3172, privilege escalation, and backdoor deployment, offering practical detection examples and security recommendations.

API Server · Audit logging · CDK
15 min read
Alibaba Cloud Developer
Sep 9, 2022 · Information Security

How to Build a Comprehensive Cloud‑Native Kubernetes Security Monitoring System

This article examines the evolving security risks of cloud‑native architectures, explains why traditional perimeter defenses are insufficient, introduces zero‑trust principles for Kubernetes, outlines common K8s threat vectors, and presents a complete data‑collection and monitoring solution based on the open‑source iLogtail agent.

Kubernetes · Observability · Zero Trust
30 min read
Programmer DD
Apr 18, 2021 · Information Security

Why Your Enterprise Needs a Log Auditing System: Core Features & Deployment

This article explains what log auditing is and why a unified audit platform is essential for compliance and security operations, outlines its core goals and main functions (unified collection, correlation analysis, real‑time alerts, forensic reporting), and describes typical deployment architectures and modules.

Log Auditing · Log Management · SIEM
8 min read
58 Tech
Mar 31, 2021 · Big Data

Design and Implementation of an Intelligent Security Monitoring and Alert System

This article presents a comprehensive design of a real‑time security monitoring and alert platform, detailing challenges in high‑concurrency risk control, an architecture that replaces OLAP polling with scalable compute services, event‑time processing, dynamic thresholding using fbprophet, and practical optimizations with Redis and ClickHouse.

ClickHouse · Real-time analytics · dynamic thresholds
13 min read
Architect's Tech Stack
Apr 28, 2019 · Information Security

GSIL – GitHub Sensitive Information Leakage Monitoring Tool: Installation, Configuration, and Usage Guide

This article introduces GSIL, a near‑real‑time GitHub sensitive‑information‑leakage monitoring tool, and provides step‑by‑step instructions for installing the Python package, configuring email and GitHub token settings, defining scanning rules, and scheduling automated scans and reports via cron.

Automation · Configuration · GitHub
6 min read
Alibaba Cloud Native
Feb 20, 2019 · Information Security

How to Leverage Kubernetes Audit Logs for Secure Monitoring and Analysis

This article explains the fundamentals of Kubernetes audit logs, their JSON format, recording stages and levels, and shows how to configure policies, analyze logs, and use Alibaba Cloud's integrated solution to create visual reports, custom alerts, and advanced queries for security monitoring.

Kubernetes · audit logs · log analysis
13 min read
ITPUB
Jun 15, 2016 · Information Security

How a Nginx Null‑Byte Upload Vulnerability Fueled a Server Load Spike

This article traces a sudden 50% server load increase to a malicious PHP file uploaded via an Nginx %00 null‑byte vulnerability, and covers how the exploit works, how it was detected, and steps to prevent future attacks.

NGINX · Server Load · null-byte vulnerability
7 min read