AgentTesla is a Windows malware written in.NET, designed to steal sensitive information from the victim's system. It’s considered commodity malware given its accessibility and relatively low cost. Commodity malware poses a significant threat as it enables less sophisticated cybercriminals to conduct various types of cyberattacks without requiring extensive technical knowledge. AgentTesla has been a persistent and widespread threat since its emergence in 2014.

Browser extensions are a classic shadow IT concern. Assessing the reputation and security of a browser extension is crucial before installing it on a company computer, as extensions often have wide-ranging permissions that could be abused for data theft or other malicious activities. In an open environment style company, extensions generate significant shadow IT risk that needs to be managed and addressed.

Splunk Enterprise and Splunk Cloud Platform, along with the premium products that are built upon them, are open platforms, which allow third party products to query data within Splunk for further use case development. In this blog, we will cover using Amazon SageMaker as the ISV product using the data within Splunk to further develop a fraud detection use case to predict future risk scores.

Telecommunications, Internet Service Providers, and Cloud Providers are some of the most critical sectors on the planet. They enable global connectivity, provide access to a wealth of information in real time, and transform business operations. As the foundation of modern communication, these industries have ushered in countless innovations and propelled society forward.

Communication protocols govern data transmission between computer networks. These protocols, such as File Transfer Protocol (FTP) and Simple Mail Transfer Protocol (SMTP), determine how data is transferred between devices through a port, which is a unique connection endpoint for a specific service. Because file transfer moves files over the internet, insecure file transfer ports create opportunities for hackers to send their own malicious payload or for other threat actors to intercept traffic.

As third party outsourcing and cloud services become commonplace for enterprise organizations, security leaders need to understand and assess the cybersecurity risks of businesses that they partner with for “technology infrastructure services.” Security leaders want accurate, up-to-date information about their infrastructure provider’s security policies, procedures, and program performance so they can better understand risks to their own organizations.

When it comes to cybersecurity governance, 2023 stood out as one of the most eventful in a very long time. With everything from the enactment of stronger new cybersecurity regulations around incident disclosure from the Securities and Exchange Commission (SEC) to significant changes afoot for financial and cloud services providers operating within the European Union, many companies worldwide will be called to adjust to a new normal in 2024.

Apache Log4j 2, a Java-based logging library, was affected by a zero-day vulnerability on December 9, 2021. The vulnerability, known as Log4Shell and identified by the National Institute of Standards and Technology (NIST) as CVE-2021-44228, allows cybercriminals to take control of vulnerable systems and servers. Many web applications, open-source cloud platforms, and service providers utilize Log4j.

The healthcare industry is no exception to the rapid levels of transformation we’re seeing across multiple industries right now. As more facilities begin to leverage electronic health records (EHRs) and internet-connected medical devices for patient care, organizations are becoming more reliant on advanced technologies. While these changes have helped advance patient care in many ways, they have also introduced the healthcare sector to greater levels of risk.

The last 12 months have been awash with incidents that led to significant data breaches, government regulatory and legal sanctions, and loss of business services availability. In 2023 we saw the most private personally identifiable information exposed, business services shut down, and CISOs fired—and even charged for legal violations by the federal government.