Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Web applications and hosted software make up the largest attack surface for modern tech organizations. The most common web vulnerabilities being exploited go beyond the OWASP Top 10 list. At Detectify, we work in close collaboration with an invite-only community called Detectify Crowdsource to get the latest vulnerability research into the hands of security defenders. Besides knowing the vulnerabilities, you need the know how on how to mitigate them.

Earlier this year, Gartner published its latest research on the Security Orchestration, Automation and Response (SOAR) market in a report entitled, “Is Your Organization Mature Enough for SOAR?”. We’ve been talking to clients about this very subject and agree with Gartner that SOAR tools can increase SecOps efficiency and consistency, provided organizations have laid the proper groundwork.

In any case, by using the MITRE ATT&CK framework to model and implement your cloud IaaS security, you will have a head start on any compliance standard since it guides your cybersecurity and risk teams to follow the best security practices. As it does for all platforms and environments, MITRE came up with an IaaS Matrix to map the specific Tactics, Techniques, and Procedures (TTPs) that advanced threat actors could possibly use in their attacks on Cloud environments.

The CVE-2021-33909, named Sequoia, is a new privilege escalation vulnerability that affects Linux’s file system. It was disclosed in July, 2021, and it was introduced in 2014 on many Linux distros; among which we have Ubuntu (20.04, 20.10 and 21.04), Debian 11, Fedora 34 Workstation and some Red Hat products, too. This vulnerability is caused by an out-of-bounds write found in the Linux kernel’s seq_file in the Filesystem layer.

Faced with rows of empty gas pumps, many Americans on the East Coast may be wondering why this happened, whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will certainly not be the last time society is disrupted due to attackers targeting critical industrial control systems (ICS). The impact of such an attack is amplified by the growing reliance on automation and antiquated protocols throughout many OT networks.

Cloud compliance is more important than ever, especially as businesses and organizations continue to engage in remote and digital work practices due to COVID-19. Even before the pandemic, more and more companies were migrating to the cloud. But what exactly is cloud compliance, and what are some best practices you should keep in mind if you’re shopping for a provider or looking to enhance your current computing system?

Security Information and Event Management (SIEM) technology provides visibility across an organization's information security systems by collecting and correlating events from logs across many different sources. Security analysts use tools like a SIEM to go “threat hunting”. By correlating disparate events across systems, they can often detect Indicators of Compromise (IoC’s) that may otherwise go unnoticed on individual systems.

Historically, processing claims, forms, and legal documents was an expensive and time-consuming affair that took place over fax and mail. DocuSign is one of the oldest companies in the electronic document processing space. Founded in 2004, the company has helped millions of users sign and validate documents online.

For any organization, insider attacks are like a severe illness: prevention is better than the cure. Like illnesses, insiders mask their malicious actions and can harm your organization for a long time before you detect them. This harm can be in the form of a loss of data, customers, money, etc.   Planning a risk mitigation process helps to stop insider attacks at the early stages or reduce their potential damage.

The executive order on cybersecurity President Biden issued in May doesn’t radically change federal cybersecurity practices for now, but it lays the groundwork for significant changes in the future. The EO directs multiple federal agencies to develop new policies and processes to safeguard federal networks, and also to improve the overall cybersecurity posture of all Americans.