Touchless solutions have risen to the forefront this year because of the latest pandemic that has reshaped the way we work and live. When social distance policies were placed in motion, borders closed, establishments paused operations, and businesses moved online operating amid lockdown. Touchless technologies had to be put in place almost everywhere to preserve human touch. It has ceased to be just an option since it is now a necessity in the new normal.

TL;DR: This blog contains some immediate guidance on using Splunk Core and Splunk Enterprise Security to protect (and detect activity on) your network from the Sunburst Backdoor malware delivered via SolarWinds Orion software. Splunk’s threat research team will release more guidance in the coming week. Also please note that you may see some malicious network activity but it may not mean your network is compromised. As always review carefully.

Modern cyber security threats have today mutated into a new class that is immune to detection and prevention solutions offered by the security industry. We are looking at this new generation of hackers that master zero-day exploits, credential thefts, fake identities, and developing stealthy malware. These threats have kept the security personnel on their toes, figuring out what the next attack would look like. One of these challenges includes identifying false positive and false negative alerts.

Moving to the cloud means a lot more than just moving your servers and applications to the cloud; it’s also about the data – and data always has a target on it. A lot of IT departments are finding that it’s easier to meet the “five nines” (99.999%) of uptime and availability by going outside their organization and letting AWS, Microsoft, or Google handle the infrastructure and personnel needed to meet those requirements.

2020 has been a very interesting year for the global workforce, with the vast majority of organizations having to rapidly transition to a remote workforce with little to no prior notice thanks to the COVID-19 pandemic. The 2020 (ISC)2 Cybersecurity Workforce Study looks at the effect of this transition to remote work and how organizations have fared. It also analyzes the impact of the pandemic and the resultant transition to remote work on cybersecurity professionals.

Attackers (i.e., threat actors) often reuse techniques or resources, such as IP addresses, hashes, and domains, in multiple attempts to find and exploit vulnerabilities in your systems. Defenders can categorize this data as indicators of compromise (IOCs) and create collections of IOCs in order to look out for potential attacks. These IOC collections are known as threat intelligence.

The past decade has witnessed many organizations adapting to a digital workspace, replacing the traditional physical offices setups with virtual workplaces encompassing all the technologies that employees require to get their work done. Because of the pandemic, even companies that were once against the concept of a distributed workforce have now been forced to embrace remote work. Though a digital workspace offers a more flexible user experience for employees, it comes with its own set of challenges.

ThreatDetect™, our Managed Detection and Response (MDR) service, was voted SME Security Solution of the Year – an accolade we also received in 2019. In a virtual ceremony on 10th December, we were also runners up in the Pen Testing Solution of the Year and Remote Monitoring Solution of the Year categories.

Sumo Logic has reviewed the announced breach on December 8, 2020 by FireEye and their subsequent public release of over 300 countermeasure rules. We are continuing to analyze the available information and would like to share this update to all existing and prospective customers interested in how our Sumo Logic services can assist with this development.

2020 has been a quite the year for headline-grabbing data breaches thanks to a combination of record-breaking numbers and behind-the-hack tales. Despite huge investments in security tools and awareness, organisations of all sizes have struggled to fully protect their data from cyber criminals.