Operations | Monitoring | ITSM | DevOps | Cloud

Cyberattacks

Recommendations for monitoring SolarWinds supply chain attack with Sumo Logic Cloud SIEM

The global security community recently learned of a supply chain attack against SolarWinds via their Orion® Platform. In this blog we are providing recommendations for Sumo Logic customers to gain a deeper understanding of how to utilize available Indicators of Compromise (IOCs) within our Cloud SIEM offerings to determine your exposure to the attack. Additionally, we’re sharing targeted search recommendations from our Sumo Logic Special Operations (or SpecOps) threat hunting team.

Elastic Security provides free and open protections for SUNBURST

On December 13, SolarWinds released a security advisory regarding a successful supply-chain attack on the Orion management platform. The attack affects Orion versions 2019.4 HF 5 through 2020.2.1, software products released between March and June of 2020. Likewise, on December 13, FireEye released information about a global campaign involving SolarWinds supply-chain compromise that affected some versions of Orion software.

3 Tips for MSPs to Handle Cyber Attacks

Managed service providers (MSPs) face ransomware, malware, and other cyber attacks — and these issues can affect both MSPs and their clients. To understand the full impact of an MSP cyber attack, let’s examine the topic in more detail. Businesses use MSPs to manage IT infrastructure and other resources. In doing so, businesses outsource the maintenance and care of applications, networks, security, and other aspects of their IT operations to a third-party.

Five worthy reads: The rise in credential stuffing attacks

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we explore how credential stuffing attacks are evolving and why they pose a greater threat than meets the eye. Credential stuffing is perhaps the simplest form of cyberattack, but it continues to make headlines despite its lack of sophistication. It has become the attack method of choice for cybercriminals primarily because of its high success rate and ROI.

What to do when your Site Experiences a DDoS Attack

It’s always in the early dawn hours – an SMS alert on your phone forces you to drag up your eyelids and look at a text: your site traffic has surpassed its usual threshold. You start to run through the possibilities as you drift off in search of a few more minutes of sleep but traffic keeps rapidly increasing and your brain jumps to a conclusion…could it be a DDoS Attack?

Alert AA20-302A: Federal agencies warn about ransomware attacks targeting hospitals

A cybersecurity bulletin was released by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) on October 28, 2020. The three agencies have issued a high-level warning about an increased, imminent threat of ransomware attacks in the healthcare sector. The cybercriminal group behind the TrickBot, Ryuk, and BazarLoader malware is now targeting U.S. hospitals and healthcare providers.

FabFit - Not So Fun for Customers with Stolen Payment Data

Our sources state that there has been a 20% increase in web-skimming attacks since the outbreak of the COVID-19 virus. Recently, we have witnessed some high-profile Magecart attacks. The latest Magecart attacks include; American Payroll Association, music giant – Warner Music Group, and lifestyle subscription brand – FabFitFun.

Understanding how attackers move inside your organization

Cyberthreats have been coming at us from the left, right, and center. The number of cyberattacks is forever on the rise, and companies need to keep ramping up their security measures to protect themselves. It’s important that these measures cover every aspect of a network environment. To understand why monitoring your whole environment is so important, let’s take a look at what an attacker might do once they get inside your organization.

Don't Let Cyberattacks Derail Your Digital Transformation Journey

Many organizations across the U.K. are tackling the three main factors behind digital transformation: cloud technology, IoT, and employee mobility. However, one downside to increased digitization is how this opens an organization up to the potential for more cyberattacks, which isn’t too surprising when you consider an expanded digital presence equates to an expanded attack surface.