Today we are releasing Grafana 6.7.4 and 7.0.2. These patch releases include an important security fix for an issue that affects all Grafana versions from 3.0.1 to 7.0.1.

We hosted our first ever virtual Elastic{ON} Gov Summit with one primary goal: recreate the collaboration and community-building we normally enjoy at our in-person Gov Summit in a new, virtual format. And we were humbled to be able to do just that. The event gathered more than 2,000 registered attendees from across government agencies and partners to collaborate while so many of us were social distancing across the nation.

In this post, we continue our discussion of use cases involving account take over and credential access in enterprise data sets. In the first part of this series, we introduced the definition of a VIP account as any account that has privileged or root level access to systems/services. These VIP accounts are important to monitor for changes in behavior, particularly because they have critical access to key parts of the enterprise.

The novel COVID-19 pandemic has changed the way organizations work. The sudden transition to remote work has forced organizations to look for temporary fixes to bridge the gap, leaving their endpoints exposed to an unprecedented threat landscape. Insecure internet connections, a lack of perimeter security, and the inability to implement effective security policies have made remote endpoints a breeding ground for threat actors.

In government, mobile devices are both embraced and resisted. The mobility and ease of use afforded by smartphones and tablets helps boost worker productivity even as they open doors for hackers. According to research by Wandera, in 2018 there were 455,121 mobile phishing attacks, 1.9 million Wi-Fi incidents, and 32,846 malware attacks.

The world of cybersecurity is fast-paced and constantly changing. Where certain strategies once worked perfectly, new threats eventually emerge. Keeping up with a growing number of malicious influences and implementing effective security strategies to combat them involves staying up to date on yearly shifts in cybersecurity practices across industries. Here, we have put together a short list of important trends in cybersecurity that are likely to develop throughout 2020. Read on to learn more.

As a leading, open-source multi-cluster orchestration platform, Rancher lets operations teams deploy, manage and secure enterprise Kubernetes. Rancher also gives users a set of CNI options to choose from, including open-source Project Calico.

These days, “SIEM” (Security Information and Event Management) is all over the place. SIEM tools work by collecting data from multiple systems and noticing patterns in the data. This adds immediate value to the business by providing insights, security recommendations, and actionable intelligence. Despite being helpful tools for many companies, SIEM tools do have their drawbacks. This article will describe the four main ones and offer suggestions for how they might be overcome.

Contributor and CFEngine Champion, Jon Henrik Bjørnstad, developed a tool for encrypting files using CFEngine host keys, called cf-keycrypt. Thank you to Jon Henrik and all of our contributors for helping improve the CFEngine project. Our developer, Vratislav Podzimek, recently took some time to review the cf-keycrypt code, and made many improvements and fixes.

This CVE is a Server Side Request Forgery (SSRF) vulnerability in kube-controller-manager that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master’s host network (such as link-local or loopback services).