Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2022


4 golden reasons for equipping your SOC with ManageEngine Log360

Cyberattacks are fast becoming a part of our daily lives. Multiple sources such as Norton Security and Forbes suggest that since the pandemic, attacks are not only increasing in number, but they are becoming more targeted and sophisticated. Attackers' use of Ransomware as a Service and double extortion techniques is a prime example of how sophisticated attacks are becoming these days. Norton Security states that there are more than 2,200 cyberattacks on a daily basis.

Keeper Commander - Using SSH Command

Keeper Commander can establish basic SSH connections through the command line interface on any device using the native SSH connection tool. Commander's ssh command provides instant SSH connections for any "SSH" Record Type in the vault. To create an "SSH" type record in your vault, create a new record and select "SSH key" as your record type. Paste your private key to the appropriate field in your record and populate the login and hostname fields.

Building Your Security Analytics Use Cases

It’s time again for another meeting with senior leadership. You know that they will ask you the hard questions, like “how do you know that your detection and response times are ‘good enough’?” You think you’re doing a good job securing the organization. You haven’t had a security incident yet. At the same time, you also know that you have no way to prove your approach to security is working. You’re reading your threat intelligence feeds.


Australia and US Pledge More Government Cybersecurity Spend for 2022-23

In the midst of a growing global cyberthreat landscape, the Australian and US governments this week announced plans to increase spend to bolster federal cybersecurity. The Australian federal government’s newly released 2022-23 federal Budget has dedicated AU$9.9 billion to support cybersecurity and intelligence capabilities under a program called Resilience, Effects, Defence, Space, Intelligence, Cyber and Enablers (REDSPICE).


5 Essential Ways to Improve SDLC Security

Vulnerabilities found in application platforms and third-party libraries have drawn growing attention to application security in the last few years, putting pressure on DevOps teams to detect and resolve vulnerabilities in their Software Development Life Cycle (SDLC). Take the NVD (National Vulnerability Database), which tracks and records all significant vulnerabilities published and disclosed by software vendors.

outpost 24

Dissecting Spring4Shell

An RCE vulnerability affecting Spring Core’s JDK 9 and later has become a trending topic in cybersecurity networks during the past couple of days. This discovery, compared by some to the Log4Shell vulnerability, generated a lot of confusion and even got mistaken for a different vulnerability affecting Spring Cloud, which got a CVE assigned the same day, and was even linked to completely unrelated commits on Spring Core’s GitHub.


The Essential List of Terraform Modules and Their Purposes

Rapid and constantly evolving software development cycles have increased the need for reliable and fast infrastructure changes. Thus, manually carrying out infrastructure changes has become an unscalable process – which is what Infrastructure as Code (IaC) tools are here to solve. They enable teams to codify their infrastructure configurations and integrate them directly into their CI/CD pipelines.


What is Red Teaming in Cyber Security? The Complete Guide

Red teaming is the practice of asking a trusted group of individuals to launch an attack on your software or your organization so that you can test how your defenses will hold up in a real-world situation. Any organization reliant on software – including banks, healthcare providers, government institutions, or logistics companies – is potentially vulnerable to cyberattacks, such as ransomware or data exfiltration.


CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups

At CrowdStrike, we believe that rigorous, independent testing is a vital part of the security ecosystem. It provides customers with transparency and insight into the critical capabilities required to stop today’s sophisticated threats. That’s why I’m excited to share the results of Round 4 of the MITRE Engenuity ATT&CK Enterprise Evaluation: The CrowdStrike Falcon platform stops breaches with 100% prevention, comprehensive visibility and actionable alerts.


Cloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365

As many organizations move to the cloud, CrowdStrike has noticed a significant increase in both opportunistic and targeted attacks against cloud resources, with a large number of these attacks targeting organizations’ Microsoft 365 (M365) infrastructure, often specifically around their business email service, or Exchange Online.


March Developer Roll Up

It is the end of the month and the end of the quarter. It has been a big one here at LimaCharlie. We have grown the team and released three new sensor types built on our new open-source adapter, and this is just the beginning. We are also starting something new. For an hour every Friday, we are going to be holding office hours starting at 9:00 AM PT.


8 Data Protection Best Practices for Data Backup Day, and Every Day

Originally created when a journalist had his digital livelihood ruined by a cyber-attacker in 2012, World Backup Day has gained commercial significance as organizations manage ever-larger data volumes and face a higher risk of data breaches.