Today, we are announcing the general availability of our new module within our Global Intelligence Service with a benchmarking capability on AWS security by baselining the Amazon GuardDuty findings. If you are one of the 100,000 users of Sumo, go to your App catalog and install the Amazon GuardDuty benchmark app with one click and see your threats against the global threats that we gather from hundreds of Sumo customers.

Defining a data breach can be tough for a lot of organizations. However, since the introduction of the General Data Protection Regulation (GDPR) in 2018, organizations that operate in the EU need to follow regulatory guidelines that can have real business implications if ignored. But when a cyber incident hits your organization, do you know if it needs to be disclosed to the public? How prepared are you to let your customers and authorities know?

In the attacker’s world, all vulnerabilities and potential exploits work toward the hacker’s advantage — not yours, not mine. This includes WordPress hacks. While living back east (over a decade ago), I was friends with several small business owners. One weekend morning, the owner of the local photography studio called me at 7 am and said: “I think I’ve been hacked.” I could hear the soft clicking of a keyboard in the background.

The usual fun facts from GitHub: Twistlock 19.07 is the 17th time we’ve shipped a major release, we’ve worked on 15,300 issues, pushed 7,400 commits, built Twistlock more than 1,200 times, and shipped over 390 customer requested features to 400 customers over more than 4 years! Twistlock protects most of the Fortune 10, more than 35% of the Fortune 100, and most Cabinet level agencies in the US Government, including all Department of Defense branches.

Today, Sysdig is proud to announce our integration with the AWS Security Hub. AWS Security Hub consolidates alerts and findings from multiple AWS services including, Amazon GuardDuty, Amazon Inspector, as well as from AWS Partner Network (APN) security solutions, which Sysdig is already a part of. This single pane of glass gives you a comprehensive view of high-priority security alerts and compliance status across AWS accounts.

Another outstanding Kubernetes release, this time focused on making the CustomResource a first class citizen in your cluster, allowing for better extensibility and maintainability. But wait, there is much more! Here is the full list of what’s new in Kubernetes 1.15.

Netskope Threat Research Labs has been tracking multiple similar malspam campaigns that began in April 2019. The spam campaign contains an ISO image file as an attachment containing the next level payload. This blog post details both the campaign and the payload.

A common discussion in the security industry is how to improve the effectiveness of detection and prevention systems. You can find tons of documentation and books about: The Defender's Dilemma, Blue Team vs Red Team, A Comprehensive Security Approach, among others. However, in any organization, it is very important to move beyond theory and implement specific solutions to detect security attacks and security threats.

In this post, I will describe in detail how to use the Threat Intelligence plugin that ships with Graylog. I’ll start with the steps necessary to prepare your data, then explain how to activate the feature and how to configure it for use.

A report released by the NASA Office of Inspector General (OIG) claims hackers were able to infiltrate NASA's network using a vulnerable, unapproved Raspberry Pi in its April 2018 data breach. In the report, "Cybersecurity Management and Oversight at The Jet Propulsion Laboratory" officials claim that in the April attack, hackers stole over 500 MB of sensitive data.