A selection of this week’s more interesting vulnerability disclosures and cyber security news. Some big news items this week, namely further details on the ransomware campaign claiming Norsk last week spreading to other targets. One bit of good news is that there appears to be a flaw in the code and a simple Windows Shortcut can stop it from working.

Since Active Directory is the foundation of all Windows networks, monitoring Active Directory needs to be part of any comprehensive security strategy. Up to version 3.5, EventSentry utilized Windows auditing and the security event log to provide reports on: User Account Changes, Group Changes and Computer Account Changes.

Last year, as in years prior, was a year full of cyber-attacks. But what was interesting was the trend of small and medium businesses being targeted more often. Generally, those types of businesses have either rested in the false impression that they’re not a big enough target or didn’t have plentiful valuable information hackers are seeking. The reality is the opposite and the stakes couldn’t be higher.

While most companies attempt to secure their data, many continue to fail their IT audits. When trying to determine whether your risk management program effectively mitigates risks, you need to find metrics that support your ability to comply with internal policies as well as external industry standards and regulatory requirements.

Microservice architectures running on containers have made applications easier to scale and faster to develop. As a result, enterprises are able to innovate faster and accelerate time-to-market for new features. To make management of microservices even more efficient and easier to run, service mesh solutions like Istio, Envoy, and Linkerd – and now AWS App Mesh – have become the next core building blocks of microservices infrastructure built on containers.

Highly regulated financial institutions often struggle with compliance management. As a financial institution matures its cybersecurity compliance program, the document management requirements often mean they need to find automated solutions that can create a single source of truth to ease audit stress.

It’s estimated that Ransomware costs will climb to roughly $11.5 billion in 2019, according to CSO Online. The frequency of attacks continues to increase as well. According to a report on Ransomware, these attacks occurred once every 120 seconds in early 2016. By 2017 this spiked to an attack occurring every 40 seconds. In 2019, the frequency is expected to grow to an attack happening every 14 seconds.

Log management is the answer to all of your digital transformation woes. No, hear me out. At its heart, log management is the (challenging) task of collecting and storing all machine-generated data from across your entire enterprise into a common repository. If this collection doesn’t happen, or if log collection is limited to certain datasets, there’s little chance of deriving those high value insights you dream of.

When Shelley published his famous poem in 1816, he was telling us that the only constant in life is change. This was not a new concept, even then. Heraclitus proposed the same concept around 500 BCE with ‘Panta rhei’ (Life is Flux or everything changes). Even though we all know and understand this ancient concept, people still have difficulty with change.

This week CVE-2019-3874 was discovered which details a flaw in the Linux kernel where an attacker can circumvent cgroup memory isolation using the SCTP socket buffer. In containerised environments, this has the potential for a container running as root to create a DoS.