The Elastic Infosec Detections and Analytics team is responsible for building, tuning, and maintaining the security detections used to protect all Elastic systems. Within Elastic we call ourselves Customer Zero and we strive to always use the newest versions of our products.
For many developers, a good IDE is like a Swiss Army knife. It is a tool that integrates all sorts of features you need as a developer in a single program. Therefore many developers primarily work from their favorite IDE instead of opening multiple single-purpose tools.
Multi-factor authentication (MFA) adds a layer of security to logins that is essential to prevent unwanted access. This verification process uses a second device (owned by the user) as an additional identity verification element to which a token is sent (or generated) that certifies access veracity. The most secure MFA systems use applications to generate temporary codes, but many still rely on sending text messages to mobile phones (OTP).
This summer, I was fortunate enough to get an internship at Teleport. Being part of the co-op program at the University of Waterloo, I have worked at many different companies before, and this internship will be my fourth placement as I finish my first term of the third year. The project that I was assigned to was an interesting one.
The Sysdig Security Research team has identified a Cryptominer attack hitting a Kubernetes pod running WordPress, related to the recent Botnet Sysrv-Hello. The goals of the attack were to control the pod, mine cryptocurrency, and replicate itself from the compromised system. In particular, the attackers targeted a misconfigured WordPress to perform initial access.
In the past couple of weeks, I’ve had the opportunity to attend two technology events IN PERSON!!! Seeing people “mask-to-mask” has been fun and educational. Forward Networks recently exhibited at Black Hat in Las Vegas and AFCEA TechNet Augusta. Obviously, security was the topic at Black Hat, but it was also top of mind for TechNet attendees, and attendees at both events stressed the need for better network behavioral insight.
Yesterday, the Biden Administration called upon leaders from Amazon, Apple, Google, IBM and Microsoft as well as other private and non-profit organizations to discuss crucial measures for improving the overall cybersecurity posture of the United States. (This follows an Executive Order , which we wrote about in May, outlining a 100-day initiative to improve the security of the modern software supply chain ).
UpGuard Summit is UpGuard’s quarterly virtual event where we discuss the future of cybersecurity with security leaders across the globe. During the latest UpGuard Summit, on August 18, 2021, some exciting announcements were made about new and upcoming features. The details are summarized below.
Since 2008, the CIS Controls have been through many iterations of refinement and improvement, leading up to what we are presented with today in CIS Controls version 8. CIS Controls reflect the combined knowledge of experts from every part of the ecosystem (companies, governments, and individuals). The controls reflect consideration by people in many different roles such as threat analysts, incident responders, solution providers, policy-makers, and more.
