Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Spam In the Browser

A new kind of spam is being observed in the field that uses the browser notification feature to trick users into subscribing to sites that will in turn bombard users with notifications usually related to click or add profit schemes. Subscription notification request seen below: Browser notification subscription requests are a legitimate feature that allows visitors of a site to be notified when there is new content available. It saves users the need to constantly refresh or keep open browser tabs.

Ubuntu 20.04 LTS to enforce stronger TLS v1.2 encryption by default

In Ubuntu 20.04 LTS, the OpenSSL 1.1.1f library has been modified to use Security Level 2 by default (previous versions of Ubuntu use Security Level 1). Security Level 2 guarantees that protocols, key exchange mechanisms, cipher suites, signature algorithms, certificates and key sizes provide a minimum of 112 bits of message secrecy. In practice, it means that RSA keys are required to be at least 2048 bits long and ECC keys at least 224 bits using the SHA256 certificate signature algorithm.

9 Low-Cost or Free Cybersecurity Training Resources

When it comes to cybersecurity, the landscape is constantly changing: the number of cyberattacks is always on the rise, the attacks themselves are becoming more sophisticated, and there’s a serious skills shortage in the industry. There’s a lot to learn about cybersecurity if you want to keep up and keep your users protected.

Derbyshire Fire & Rescue Service: Fighting cybersecurity fires with Splunk

Everyone at Splunk is very proud of the amazing things that our customers and partners do with their data. It is always extra special when one of those organisations is really doing good and looking after us all in our daily lives. I’m delighted to share one of those stories from the Derbyshire Fire & Rescue Service (DFRS) who is using Splunk as its data-driven SIEM.

Splunk Security Essentials 3.1: Enhanced MITRE ATT&CK Matrix: Find the Content that Matters the Most to You, Faster

One of the great things about developing for Splunk Security Essentials is that most of the features and capabilities are requested from customers and the security community. In this latest release (3.1), we added a feature that has been requested frequently: the ability to filter the ATT&CK Matrix for Cloud and SaaS Techniques. The MITRE ATT&CK Framework consists of multiple matrices such as Enterprise, Mobile, and ICS.

Cloud IT - ManageEngine's Cloud Solutions

ManageEngine, with its wide range of product portfolio, offers IT management solutions through the cloud. A one-stop shop vendor to choose from a host of cloud offerings on IT Helpdesk and Asset Management, Identity Management, Mobile Device Management, Patch Management and IT infrastructure monitoring.