Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The cybersecurity industry has spent a lot of time talking about improving the analyst experience without making significant improvements. Much of the effort has been too focused on trying to find a silver bullet solution. Combine that with a global pandemic and things are just getting worse.

Once a malicious actor has gained initial access to an internal asset, they may attempt to conduct command and control activity.

On Wednesday, May 4, 2022, F5 disclosed a critical-severity vulnerability impacting the iControl REST authentication of BIG-IP systems being tracked as CVE-2022-1388. If successfully exploited, the vulnerability could lead to Authentication Bypass, which could allow a threat actor to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. BIG-IQ Centralized Management, F5OS-A, F5OS-C, and Traffic SDC are not impacted by CVE-2022-1388.

Toil — endless, exhausting work that yields little value in DevOps and site reliability engineering (SRE) — is the scourge of security engineers everywhere. You end up with mountains of toil if you rely on manual effort to maintain cloud security. Your engineers spend a lot of time doing mundane jobs that don’t actually move the needle. Toil is detrimental to team morale because most technicians will become bored if they spend their days repeatedly solving the same problems.

The attacks came from all corners in the past month, as cybercriminals used administrative access codes, stolen internal data, laser-focused programming tools, and even humble job applications to worm their way into organizations' inner workings. Let's look at some of the strange and sinister innovations that shaped the world of cybercrime this April.

Data theft, denial-of-service, ransomware—the world of cyber threats has never been more dangerous, in large part because there’s never been more vulnerabilities.

In this blog, we outline the benefits of opting for a managed SOC instead of setting up and running your own in-house SOC.

Over the past week, threat actors have started scanning for and opportunistically exploiting CVE-2022-29464--a remote code execution vulnerability in multiple WSO2 products used to integrate application programming interfaces (API), applications, and web services. CVE-2022-29464 vulnerability has a CVSS score of 9.8 and severity of Critical which allowed unauthenticated and remote attackers to execute arbitrary code in the following products.

While every sector of the economy experiences cyber attacks, the oil and gas industry is a particularly enticing target because there are inherent weaknesses in its rapidly expanding digital landscape. It's also an industry that can't afford to go offline at any time, which means cybercriminals can force quick action from those they attack.