Latest News

Ubuntu 20.04 LTS to enforce stronger TLS v1.2 encryption by default

In Ubuntu 20.04 LTS, the OpenSSL 1.1.1f library has been modified to use Security Level 2 by default (previous versions of Ubuntu use Security Level 1). Security Level 2 guarantees that protocols, key exchange mechanisms, cipher suites, signature algorithms, certificates and key sizes provide a minimum of 112 bits of message secrecy. In practice, it means that RSA keys are required to be at least 2048 bits long and ECC keys at least 224 bits using the SHA256 certificate signature algorithm.

Derbyshire Fire & Rescue Service: Fighting cybersecurity fires with Splunk

Everyone at Splunk is very proud of the amazing things that our customers and partners do with their data. It is always extra special when one of those organisations is really doing good and looking after us all in our daily lives. I’m delighted to share one of those stories from the Derbyshire Fire & Rescue Service (DFRS), which is using Splunk as its data-driven SIEM.

Splunk Security Essentials 3.1: Enhanced MITRE ATT&CK Matrix: Find the Content that Matters the Most to You, Faster

One of the great things about developing for Splunk Security Essentials is that most of the features and capabilities are requested from customers and the security community. In this latest release (3.1), we added a feature that has been requested frequently: the ability to filter the ATT&CK Matrix for Cloud and SaaS Techniques. The MITRE ATT&CK Framework consists of multiple matrices such as Enterprise, Mobile, and ICS.

9 Low-Cost or Free Cybersecurity Training Resources

When it comes to cybersecurity, the landscape is constantly changing: the number of cyberattacks is always on the rise, the attacks themselves are becoming more sophisticated, and there’s a serious skills shortage in the industry. There’s a lot to learn about cybersecurity if you want to keep up and keep your users protected.

How to Choose Incident Alert Management Tools for Your SOC

A security operations center (SOC) is the centralization of your security processes and tooling. It can enable you to monitor for, evaluate, and respond to incidents across your organization with increased efficiency and effectiveness. By centralizing your security efforts, you create greater visibility into your systems and can better analyze and detect threats. At the core of an SOC is your SOC team.

How important is network compliance for your remote work environment?

With a majority of the workforce now adopting a work-from-home routine, maintaining the normal functioning of your network and ensuring compliance with industry standards is not an easy job. When employees are working remotely, it is especially crucial to ensure network compliance with industry standards and internal policies to secure your network from cybersecurity breaches.

How implementing a BYOD initiative helps prepare remote workers for COVID-19 era challenges

As the COVID-19 pandemic continues to force employees to work from home, businesses are facing new and unique challenges to ensure business continuity. When remote work is mandated due to COVID-19, the transition isn’t smooth for many businesses; not every business has the infrastructure to make the abrupt shift, even given the immediate need to go remote.

Email, security, and breaches

Email-based attacks can take many forms, and are typically deployed by cybercriminals in order to extort ransom or leak sensitive data. Just recently, a banking Trojan named Trickbot targeted Italy, a hotspot for COVID-19 cases, with email spam campaigns. While the email subject line was in line with daily concerns and talked about the spread of the virus, the attachment was actually a malicious script.