Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk is proud to announce that Splunk SOAR has received Federal Risk and Authorization Management Program (FedRAMP) Agency Authorization at the Moderate impact level. Splunk SOAR is ready to help public sector teams work smarter by automating repetitive tasks, responding to security incidents in seconds, and increasing analyst productivity and accuracy to better protect their organizations and the missions they serve.

Researchers at Palo Alto Networks’ Unit 42 are tracking dozens of scam campaigns that are using deepfake videos to impersonate CEOs, news anchors, and high-profile government officials. Unit 42 believes a single threat actor is behind the scheme. The researchers discovered hundreds of domains used to spread these campaigns, each of which has been visited an average of 114,000 times. The goal of the operation is to spread investment scams and fake government-sponsored giveaways.

Telehealth and remote patient monitoring solutions enable healthcare providers to deliver care beyond traditional clinical settings. However, developing and deploying these digital healthcare solutions involves navigating complex challenges, particularly regarding data privacy and regulatory compliance. Ensuring adherence to HIPAA regulations while securely managing remote infrastructure adds layers of complexity for healthcare IT, security, and engineering teams.

Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the attack surface, such as extended detection and response (EDR or XDR), security information & event management (SIEM), and security orchestration, automation & response (SOAR); despite that, these tools often do not prioritize APIs.

Today’s established financial services companies face high pressure from their competition. Many of them find that they must provide an innovative, customized customer experience (CX) or lose out to FinTech disruptors who are already doing CX well. As a result, these businesses are prioritizing innovative, feature-rich applications and adopting the latest and greatest in software development to speed up release cycles and increase productivity.

On August 27, 2024, Fortra published a security advisory regarding a critical credential vulnerability in FileCatalyst Workflow, identified as CVE-2024-6633. FileCatalyst Workflow is a managed file transfer solution used for exchanging large files across networks.

Here’s an endpoint you don’t often think about: your car. But if it’s Wi-Fi enabled, as many new models are, that means it resides at the end point of a network connection and can communicate on that network, making it an endpoint.

As infrastructure continues to evolve for scalability, tenancy and efficiency, there is a growing need for solutions that can bridge the gap between mature cloud offerings such as OpenStack and the ease of deployment, flexibility, and elasticity provided Kubernetes. Red Hat OpenStack Services on OpenShift or “RHOSO” offers a compelling solution for organizations looking to achieve this goal.

We are thrilled to announce the latest enhancement to ARMO Platform: Seccomp Profiles Leveraging eBPF. This feature uses eBPF to take the guesswork out of creating seccomp profiles. Thus, benefiting from the added security seccomp profiles provide, without the risk of “breaking” applications.

Initial Access Brokers (IABs) are threat actors who infiltrate networks, systems, or organizations and sell this unauthorized access to other malicious actors. Instead of executing the entire cyberattack, IABs focus on the initial breach and monetize it by selling access to compromised systems. They assist ransomware operations, particularly RaaS schemes, by streamlining attacks and reducing workload at the start.