Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

NEW Magecart Attacks Affect U.S. City Governments

The COVID-19 virus epidemic has seen a 23% rise in visitors to UK independent ecommerce sites. On a global scale, many companies have transitioned to fully ecommerce-based business practices and are seeing an increase in online shoppers. This paradigm shift in business continuity means websites are increasingly vulnerable to being attacked.

Domain Hijacking Impersonation Campaigns

A number of domain “forgeries” or tricky, translated look-alikes have been observed recently. These attack campaigns cleverly abuse International Domain Names (IDN) which, once translated into ASCII in a standard browser, result in the appearance of a corporate or organization name that allows the targeting of such organization’s domains for impersonation or hijacking. This attack has been researched and defined in past campaigns as an IDN homograph attack.

Why Password Updating Of Apps Is Important For Security

TL;DR: Experts working with tech companies discuss security issues a lot, both internally and with clients. Indeed, no software program or app is foolproof. While technological enhancements help companies and individuals to perform better, they enhance the capabilities of hackers too. Naturally, everybody has to take the necessary steps required to protect their interests, and the most common yet effective way to do it is to change passwords frequently.

Eliminating Misunderstandings Between InfoSec and IT Operations

Speeding remediation reduces the cost of compliance and vulnerability of the IT estate. When looking for issues that slow remediation, notice the hand off from security to IT. Download this free resource to learn how the interaction between IT and Security can be improved to speed compliance.

File Integrity Monitoring: Detecting suspicious file activity inside a container

In this blog, we will explore suspicious file activity inside a container and see how to effectively implement a file integrity monitoring (FIM) workflow. We’ll also cover how Sysdig Secure can help you implement FIM for both containers and Linux hosts.

Audit Trails Are Critical for Tracking Network Activity

As networks become more distributed and complex, it’s becoming ever more challenging for IT professionals to track all the events happening on their networks. Still, it’s vitally important to do so—logging activity on an agency’s network is critical to determining who’s on the network, what applications they’re using, and whether those applications can compromise the network and user data.

Elastic Security opens public detection rules repo

At Elastic, we believe in the power of open source and understand the importance of community. By putting the community first, we ensure that we create the best possible product for our users. With Elastic Security, two of our core objectives are to stop threats at scale and arm every analyst. Today, we’re opening up a new GitHub repository, elastic/detection-rules, to work alongside the security community, stopping threats at a greater scale.

Why a Zero-Trust Network Is More Desirable-and Achievable-Than Ever

A few years ago I wrote a blog article about the zero-trust network security model and why I thought it was something every organization should be thinking about implementing. While I still believe that to be true—probably more true than ever, in fact—the landscape since then has changed a great deal, particularly because of the increase in cloud-based services, and zero-trust is now an extremely achievable goal.