The cybersecurity landscape in 2023 was increasingly complex, marked by sophisticated types of cyber threats such as ransomware and cyber espionage. Over half of the high-risk vulnerabilities were exploited by threat actors, with ransomware payouts averaging a significant $1,542,333, up from $812,380 in 2022. Phishing attacks dominated, accounting for over 80% of incidents, and 57% of organizations experienced frequent phishing attempts. Additionally, 4,000 ransomware attacks occurred daily since 2016.

If there’s one Go programming language feature that just doesn’t seem to catch a break when it comes to security, it’s the CFLAGS and LDFLAGS handling in cgo. This is a feature that lets parts of Go source code control the compiler and linker flags that are used to build that same code.

Cribl is an integrations company at heart. We want to help every company develop a data strategy that gives them more control, improves security, and provides flexibility to adapt to their ever-changing data needs. Today, we’re thrilled to announce that we are a Certified Wiz Integration (WIN) Partner to help customers take their cloud security game to the next level.

Observo.ai is excited to share that we now integrate with Panther Labs, a modern SIEM built for the cloud. This enables Panther users to leverage Observo.ai’s powerful telemetry data pipeline features. Observo.ai was created to help Security and DevOps teams solve their biggest telemetry problems. Using Artificial Intelligence, Observo.ai optimizes and transforms data from any source and routes it to the destinations where it has the most value.

On January 4, 2023, CircleCI warned its customers to rotate “any and all secrets” after a compromise by an unauthorized third party.

As the cybersecurity landscape becomes more and more complex. It seems like we hear about a major breach of a different company every day. Enterprises are looking for robust solutions to help them manage the surge in data and security incidents. That’s why our recent collaboration announcement with Microsoft means so much to us. It’s not just a piece of paper; it’s a testament to our dedication to providing customers with the best tools and solutions for the job.

Recently, an incorrect security report was published, claiming that there’s a SQL injection attack in Grafana. As we have communicated to the security researcher, this report is wrong. Authenticated users in Grafana have the same permissions as the user configured for the underlying data source.

Two modules are available for this task: allow-all-hosts and allow-hosts. The first module, allow-all-hosts, configures the most open situation which is to accept hosts from anywhere. This is only recommended in network restricted environments such as a local machine’s virtual machine network or other such closed down situations.