Auth0 is one of the top leading identity management platforms in the world. It’s focused on providing solutions for application builders, specifically solutions needed for custom-built applications. Auth0 provides expertise to scale and protect identities in any application, for any audience. This post will show you how Coralogix can provide analytics and insights for your Auth0 log data – including performance and security insights.

Cybersecurity has been a core issue in business management and growth. As businesses try to manage more remote teams, it’s important now more than ever. With technology becoming an integral part of our everyday lives, we’re exposed to an ever-growing risk of cyber-attacks and malicious technological crimes. According to a recent study, on average, hack attacks occur every 39 seconds. That is, one in three Americans is a victim of cybercrime every year.

It's been a while since I've had the opportunity to take a break, come up for air, and write a blog for some of the amazing work the Splunk Threat Research team has done. We have kept busy by shipping new detections under security-content (via Splunk ES Content Update and our API). Also, we have improved the Attack Range project to allow us to test detections described as test unit files.

Throughout the duration of COVID-19, there have been consistent rumors of increased nation-state espionage. In parallel, many recent ransomware strains have a COVID-19 tie-in. Now the United Kingdom's National Cyber Security Centre (NCSC), published an advisory report that the threat group APT29 is targeting governmental, diplomatic, think-tank, healthcare and energy targets for intelligence gain which are involved in COVID-19 vaccines development and testing.

Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are two protocols that are used to identify a host address on a network when the DNS name resolution, which is the conventional method, fails to do so. When a DNS server is unable to resolve a request from a requester machine, the latter broadcasts a message to its peer computers asking for the location of the required server. Hackers leverage this operation to steal the credentials of the requester machine.

A new vulnerability, CVE-2020-8557, has been detected in kubelet. It can be exploited by writing into /etc/hosts to cause a denial of service. The source of the issue is that the /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager, so it’s not taken into account when calculating ephemeral storage usage by a pod.

My colleague Greg Zweig recently wrote a blog “Forget Videobombing – Worry About What You Can’t See” in which he outlined how Unified Communications (UC) assets are all too often left unsecured, making them an easy target.

Permissions and restrictions are something used to control how much access is provided to a particular user or user group. Therefore one must first understand what is the role of a user or a group. Here, you will understand permissions and restrictions through configuring users, user groups and roles. They can either be created using configuration files or web interface. When the Icinga Web 2 is installed a default user with admin access is configured.

Within the cyber security industry, it is well known that as a company grows, so does its attack surface. This trend lends itself largely to the fact that as more employees are hired, more company-owned machines (laptops, tablets, etc.) are distributed. The risk is that once a company-owned machine is given to an employee, it is up to the employee whether to follow the security best practices set forth by your company. Your technological asset has now become a security risk.