Devo recently announced that it has entered into a strategic collaboration agreement with Amazon Web Services (AWS). This is a significant milestone for Devo and great news for our mutual customers with AWS. We caught up with Tony Le, cloud partnerships director, to take a deeper dive into what this means and how the collaboration will benefit our users in the long run.

Extortion can simply be defined as “the practice of obtaining benefit through coercion.“ Data and cloud extortion schemes occur when precious data and/or access is stolen by an attacker that promises to restore it through payment or other demands. In this article, we’ll cover some common or uncommon extortion schemes, and highlight ways to detect and avoid falling prey to demands.

Cyber insurance is a necessity in today’s cybersecurity landscape, especially in the wake of widespread ransomware attacks on commercial businesses of all sizes. A cyber insurance policy enables companies to transfer the cost of recovering from cyber incidents. In the event of a data breach, your cyber insurance policy can cover the costs of damages to others, profits lost if your network goes down, and the cost of negotiating ransomware.

Amazon Security Lake allows customers to build security data lakes from integrated cloud and on-premises data sources as well as from their private applications. Directing your security telemetry into a unified data lake makes it easier to manage, analyze, and route security-log and event data to third-party SIEM solutions that leverage that telemetry.

As organizations are rapidly moving to the cloud to leverage the cloud advantage, services are also moving to the cloud, including cybersecurity solutions such as SIEM. In fact, SIEM as a Service is rapidly gaining momentum as an alternative to traditional, on-premises SIEM solutions. In its 10 Questions to Answer Before Adopting a SaaS SIEM report, Gartner had predicted that by 2023, 80% of SIEM solutions will have capabilities that are delivered via the cloud.

Cyberattacks are still big business and on the rise. Despite substantial increases in cybersecurity spending, many businesses aren’t taking enough action to mitigate their risks. While a significant data breach in itself is a scary concept, the costs of inaction and the subsequent charges associated with investigations, penalty fines and reputational damage should worry you even more.

"People tell you who they are, but we ignore it, because we want them to be who we want them to be.” - Don Draper Earlier this year we announced some security enhancements to how we handle submissions to Splunkbase. The simple statement is we are making things faster/cheaper/better where Splunkbase security is concerned. Faster in that it takes less time for a developer to get an app into our platform. Cheaper in that it’s more automated.

Due to the growing acceptance of distance learning, digital courses, and most recently, the COVID-19 epidemic, online education has seen a significant increase. Online student identity verification has become more popular as a quick and secure method of verifying student IDs and a cost-effective approach to onboarding new students and employees. The rapidly disappearing manual and paper-based student verification procedures are neither scalable nor practical for educational institutions.

Kroll analysts have identified new tactics used by threat actors associated with the AvosLocker ransomware. Critical vulnerabilities have been exploited within Veeam Backup and Replication, which may be an attempt to hide activity from detection technologies. The proxy tool “Chisel” has been identified, which can encrypt traffic through a victim’s firewall and could be used as a further evasion technique.

The healthcare industry has been a favored target for cybercriminals for many years. In the first half of 2022 alone, 324 attacks against healthcare organizations have been reported. Attackers have primarily focused on large hospitals in years past, but there has been a sudden switch to smaller healthcare companies and specialty clinics. There seems to be a clear trend in attacks against the healthcare industry, and that trend includes targeting smaller healthcare companies and clinics.