Cybersecurity awareness, protection, and prevention is all-encompassing. In addition to implementing the right tools and resources, and hiring skilled professionals with the right cybersecurity education and experience, organizations should be aware of the latest CVEs.

On May 27, 2022, a Microsoft Office document was submitted from Belarus to VirusTotal, using a novel method to deliver its payload. This new technique was identified as a Zero-Day RCE (Remote Code Execution) vulnerability in Microsoft Support Diagnostic Tool (MSDT), which is now being tracked as CVE-2022-30190. As of this writing, it affects only Windows computers running with MSDT URI protocol enabled.

“Ransomware has become the enemy of the day; the threat that was first feared on Pennsylvania Avenue and subsequently detested on Wall Street is now the topic of conversation on Main Street.” Frank Dickson, Program Vice President, Cybersecurity Products at IDC.

It's important to understand how hackers target small businesses and that smaller companies are a favorite object of hackers. Why? Because small businesses often lack the security measures and financial resources in place that larger businesses have.

Kubecon EU returned to Spain. This time to Valencia, city of paella and horchata and, of course, a great place for big events. We had a great time meeting you all in person, and attending the talks. Here are our hot takes from the event. The main event started on Wednesday, but before that different co-located events took place: Ebpf Day, Cloud Native SecurityCon, and PrometheusDay among others. These events gathered a large number of attendees.

I was listening to a recording of some colleagues speaking with a customer about security ratings and cyber insurance and there were some confusions in the discussion that troubled me and I wish that I had been there to help clear them up. Or at least try. So this little musing is meant to do that..

On May 27, 2022, the nao_sec independent security research group shared a VirusTotal link to a weaponized Microsoft Office document revealing a previously unknown vulnerability in the Microsoft Support Diagnostic Tool (MSDT). This vulnerability is most likely to be exploited via phishing lure attachments and is triggered when a document is opened.

It’s been a really long few years in IT. You’ve been working nearly ‘round the clock. First, it was “get everyone remote and productive!” Then it was, “make sure everything is secured!” Now, it’s “we need to document everything with all the new security and privacy compliance requirements!” It’s easy to feel like you’re stuck in a perpetual hamster wheel, running continuously and going nowhere.

With more and more organizations moving from traditional on-premises infrastructure to the cloud, it remains critical for organizations to have robust security monitoring, regardless of their cloud platform of choice. Sumo Logic Threat Labs has expanded our log parsing, mapping and detection rules for Microsoft Azure. While our Cloud SIEM has broad coverage for AWS and GCP platforms, we wanted to close the gap for Azure coverage, which previously addressed: Azure - Event Hub Deleted Signal Firing.

We are thrilled to announce that we secured our Series A funding round of $12 Million to fulfill our vision of a world where security is a given, not a hope. The round was led by US-based Tola Capital and introduced experienced business angels such as Thomas Dohmke. We will use the funds to add support for more programming languages, provide further dev tool integrations and grow the team.