Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Disaster Recovery Planning: Getting Started

As organizations face the imminent threat of an IT service outage or cyberattack, they often fail to step back and understand how well they've planned to deal with the crisis. According to recent research, we know that: Perhaps the most regrettable part of it all? Almost half (45%) of these organizations already acknowledge the inadequacy of their disaster recovery capabilities.

What is Privilege Escalation? An Introduction

In the realm of cybersecurity, understanding how unauthorized access can compromise sensitive systems is critical—this is where the concept of privilege escalation comes into play. In this article, we will look at what privilege escalation is, how it exploits vulnerabilities and best practices for protecting your organization against privilege escalation.

CosmicSting: A Critical XXE Vulnerability in Adobe Commerce and Magento (CVE-2024-34102)

The e-commerce world was recently shaken by the discovery of a vulnerability in Adobe Commerce and Magento, two of the most widely used e-commerce platforms. Dubbed "CosmicSting" and designated as CVE-2024-34102, this vulnerability exposes millions of online stores to potential remote code execution and data exfiltration risks.

Bypassing the Bypass: Detecting Okta Classic Application Sign-On Policy Evasion

On September 27, 2024, Okta disclosed a critical vulnerability affecting their Classic environment that created a concerning security gap in identity protection. The vulnerability, active since July 17, 2024, allowed attackers with valid credentials to bypass application-specific sign-on policies by simply modifying their user-agent string.

Cracking Braodo Stealer: Analyzing Python Malware and Its Obfuscated Loader

Braodo Stealer is one of the many active and evolving malware families designed to steal sensitive information, such as credentials, cookies, and system data, from compromised machines. Typically written in Python, this malware employs a variety of obfuscation techniques to conceal its true intentions, making it challenging for security solutions to identify.

Federated Analytics: Analyze Data Wherever It Resides for Rapid and Holistic Security Visibility

Data is everywhere, sprawling across cloud, on-premises, and hybrid environments. As security practitioners, we need fast access to this data to analyze it, draw insights, and uncover potential threats. However, the sheer volume of data and complexity of threats make it difficult to maintain visibility, detect stealthy attacks, and respond quickly to security incidents.

Unify and Automate TDIR Workflows with Splunk SOAR 6.3 and Splunk Enterprise Security 8.0

Security teams are juggling 25+ different security tools that perform different actions across detection, investigation and response. Look up an IP here, send malware to a sandbox there, block an executable over there. What’s worse is that the vast majority of those actions are being performed manually. This approach is simply too slow against fast-moving attackers and malware, and it certainly isn’t sustainable.

Announcing the General Availability of Splunk Enterprise Security 8.0

At .conf24 we unveiled the private preview of Splunk Enterprise Security 8.0, and the buzz was undeniable. Today, we are thrilled to announce that Splunk Enterprise Security 8.0 is now generally available! This isn’t just another release—it’s a massive leap forward that redefines and revolutionizes security operations. Splunk Enterprise Security 8.0 is the cornerstone of the SOC of the Future.

What Is DFIR? Digital Forensics & Incident Response

We all know how often attackers gain access to online devices to compromise security. That’s why digital defense is as important as physical defense. However, ensuring digital safety can be more challenging than physical safety. To overcome this problem, authorities combine digital forensics with incident response. But what does this mean?

The Forensic Investigator Role: Skills and Responsibilities

Businesses adopt new and sophisticated technology every day. All that tech, however, comes with the risk of crime or financial fraud. That’s what forensic investigators help with — they solve these crimes by identifying the criminals and recovering the assets. Forensic investigators collect evidence from crime scenes, analyze it, and conclude the results in a report that later serves as an important document in trials.