Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

The Colonial Pipeline ransomware attack: Lessons for cybersecurity teams

Jun 15, 2021 By PAM360 In ManageEngine

The recent ransomware attack on Colonial Pipeline is reportedly one of the most significant cyberattacks on the energy sector till date, and it has overwhelmed cybersecurity experts across the globe.

Read Post

ManageEngine

Read more about The Colonial Pipeline ransomware attack: Lessons for cybersecurity teams

No One Likes Passwords and They are the Leading Cause of Data Breaches

Jun 15, 2021 By James Saturnio In Ivanti

Did you hear about the latest data breach caused by a stolen password? Technically, it was a user account security token used by the malicious cyber threat actors to gain initial access into the company’s chat workspace. Once on the IT chat channel, the threat actors impersonated an employee and then used a simple social engineering tactic to trick an IT support member into providing them with a long-lived login access token onto the corporate network.

Read Post

Ivanti

Read more about No One Likes Passwords and They are the Leading Cause of Data Breaches

What you need to know about Process Ghosting, a new executable image tampering attack

Jun 15, 2021 By Gabriel Landau In Elastic

Security teams defending Windows environments often rely on anti-malware products as a first line of defense against malicious executables. Microsoft provides security vendors with the ability to register callbacks that will be invoked upon the creation of processes on the system. Driver developers can call APIs such as PsSetCreateProcessNotifyRoutineEx to receive such events.

Read Post

Elastic

Read more about What you need to know about Process Ghosting, a new executable image tampering attack

Securing Modern Applications and APIs: Whose Job Is It, Anyway?

Jun 15, 2021 By Pratik Roychowdhury In VMware Tanzu

When an end user thinks of a modern application, they expect a user-friendly offering, one that works on any device, from any location, and that delivers constant innovation. To deliver on that expectation, under the hood there are a large number of distributed components (and micro-components) running heterogeneous workloads on hybrid environments.

Read Post

VMware Tanzu

Read more about Securing Modern Applications and APIs: Whose Job Is It, Anyway?

Bad guys are watching for new openings in your cloud, are you?

Jun 14, 2021 By Janet Matsuda In Sysdig

You see the headlines, and perhaps, ‘thank goodness it wasn’t us’ flickers through your mind. An overly permissive web server exposes 100 million+ consumer credit applications, or an S3 bucket leaves hundreds of millions of user records open to the public. A nightmare scenario for any CISO and their cloud security team!

Read Post

Sysdig

Read more about Bad guys are watching for new openings in your cloud, are you?

Splunk and Zscaler Utilize Data and Zero Trust to Eradicate Threats

Jun 14, 2021 By Splunk In Splunk

Splunk and Zscaler have partnered to deliver a superior, Zero Trust approach to security. Our tightly integrated, best-of-breed cloud security and security analytics platforms deliver a cloud experience for the modern, cloud-first enterprise.

View Video

Splunk

Read more about Splunk and Zscaler Utilize Data and Zero Trust to Eradicate Threats

SOARing w/ Splunk Phantom

Jun 14, 2021 By Splunk In Splunk

Hey kids, do you like automation? Danny chats with Dan Dagget (@sgviking) , @Splunk Community Leader for Phantom & Tom Wise from @Adarma_Security about how to SOAR. What is SOAR? Do you need it? Are you ready to deploy it even if you do need it? How many times will Danny screw up the audio settings like the true professional he is? All answers lie within.

View Video

Splunk

Read more about SOARing w/ Splunk Phantom

Rollbar Integrations: Okta

Jun 14, 2021 By Rollbar In Rollbar

Integrate Okta with your Rollbar in 5 minutes or less! Save time on administration and increase security by bringing Okta’s world-class authentication and secure access management to your Rollbar account. Rollbar is the leading continuous code improvement platform that proactively discovers, predicts, and remediates errors with real-time AI-assisted workflows. With Rollbar, developers continually improve their code and constantly innovate rather than spending time monitoring, investigating, and debugging.

View Video

Rollbar

Read more about Rollbar Integrations: Okta

Adversary emulation with Prelude Operator and Elastic Security

Jun 14, 2021 By James Spiteri In Elastic

It’s no secret that organisations are up against skilled, relentless and determined adversaries. Security operations teams need to continuously test their detection capabilities by carrying out adversary emulation plans that are made up of varying tactics, techniques and procedures (TTPs) and track key metrics of their coverage in order to close any existing gaps. There are many tools available for running adversary emulation plans and performing purple team exercises.

Read Post

Elastic

Read more about Adversary emulation with Prelude Operator and Elastic Security

Super Speed with Phantom Slash Commands

Jun 14, 2021 By Olivia Courtney In Splunk

Are you the type of person who loves the command-line? Is tab-complete your friend? Do you move faster on a keyboard than with a mouse? Then Phantom Slash Commands are for you!

Read Post