Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Code42 launches a new app in the Sumo Logic Open Source Partner Ecosystem

Digital business transformation requires a fast-moving, collaborative culture. As companies on this fast track focus on innovation and speed to market, they inherently introduce more risk from the inside. Furthermore, in 2020, remote work became the norm, requiring increased adoption of cloud collaboration technologies. This shift caused a sudden acceleration of insider risk like we’ve never seen before.

Fail2ban Monitoring with InfluxDB and Telegraf

If you have a server open to the internet on Port 22 (the default port for SSH servers), it’s common to find several “Failed password” in your auth.log (log file) every minute, due to bots constantly browsing the internet for servers that are easy to hack with common passwords. But if your auth.log is growing very fast and SSH daemon randomly refuses to create new connections, then someone probably marked your server as a target for coordinated SSH brute-force attack.

Why ManageEngine PAM360 is the ultimate privileged access management solution

At ManageEngine, we‘re building one of the most comprehensive and tightly integrated IT management software suites on the market. We have over 90 products and free tools to manage all your IT needs, including Active Directory management, help desk management, desktop and mobile device management, network and server management, application management, IT security, and analytics.

Secure Your Endpoints with Sophos & Logz.io

Intercept X is Sophos’ endpoint security solution, including anti-ransomware, zero-day exploit prevention, plus managed endpoint defense and response. It employs a layered approach reliant on multiple security techniques for endpoint detection and response (EDR). Those tactics include app lockdown, data loss prevention, web control and malware detection.

What the new WhatsApp Privacy Policy is all about and what it means for you

It was January 2007 when Steve Jobs officially announced the 1st Generation iPhone. At the time, there’s no doubt that he foresaw how the newly created concept of smartphone applications would become part of our everyday life. Fast forward a decade and we now have apps for literally everything, from trackable maps to online shopping, online banking to instant messaging.

IT security under attack: Credential dumping attacks in Windows environments

Most of the time, threat actors in the cybersecurity landscape don’t employ advanced techniques and tools to intrude and establish a foothold within networks. Often, they disguise malicious operations by mimicking the activities of legitimate users, leaving behind little to no footprint. Blending malicious actions with day-to-day IT activities helps attackers maintain a low profile and remain undetected for a longer period.

Splunk SOAR Playbooks: Finding and Disabling Inactive Users on AWS

Every organization that uses AWS has a set of user accounts that grant access to resources and data. The Identity and Access Management (IAM) service is the part of AWS that keeps track of all the users, groups, roles and policies that provide that access. Because it controls permissions for all other services, IAM is probably the single most important service in AWS to focus on from a security perspective.

Why Use Active Directory Security to Improve Your Server Security?

How do you secure your network servers, laptops, desktops, and workstations? A good starting point is to have a checklist of how to enable security features on these devices. You also need to enable a server monitoring service to track specific events and generate event logs. Yet, your security tasks are never done. You can get a false sense of security if you merely go through your checklist of security items and stop.