Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2022

Detecting and responding to Dirty Pipe with Elastic

In recent days, several security vendors have published blogs about the Linux-based exploitation (CVE-2022-0847), also known as Dirty Pipe. The Elastic Security Research team is sharing the first detailed research to help organizations find and alert on the exploitation with Elastic Security products. We are releasing this research so that users can defend themselves, since very little information has been shared on the actual detection of exploitation attempts.

How to build collaboration across security and DevOps teams-and why it's business critical

For security and DevOps teams, staying a step ahead of the competition comes down to staying in lockstep with each other. Whether that competition takes the form of a threat actor lurking on a network or a rival company taking new products to market, collaboration can help security and DevOps teams better protect their organizations and develop innovative technology solutions.

46 days vs. 16 minutes: Detecting emerging threats and reducing dwell time with machine learning

Machine learning (ML) detections are a powerful tool for detecting emerging threats when we don’t yet know what we’re looking for. The power of anomaly detection is the ability to detect and provide early warning on new threat activity for which rules, indicators, or signatures are not yet available.

Elastic achieves Approved Product status from AV-Comparatives

Many organizations consider the AV-Comparatives' test series a standard of quality and a guarantee of a reliable product. Recently, Elastic participated successfully in the AV-Comparatives’ Enterprise Main Test Series and received the Approved Product award. This prestigious and industry-recognized quality award means that the Elastic Security software has been rigorously checked to ensure that it will perform its intended task competently.

Elastic Security 8.1: Stop novel attacks in their tracks

With the release of Elastic Security 8.1, enhance defenses against novel attacks like Log4Shell and prevent adversaries from compromising macOS systems. Achieve visibility into host-based network activity, leverage new sources of threat intelligence, collect data from across your enterprise, and more. Let’s jump in.

PHOREAL malware targets the Southeast Asian financial sector

Elastic Security discovered PHOREAL malware, which is targeting Southeast Asia financial organizations, particularly those in the Vietnamese financial sector. Given the continuous pace of malware development, it's no surprise that adversarial groups will leverage successful campaigns as the basis of developing future attacks, and the recently discovered backdoor campaign targeting Vietnamese financial services is no exception.