Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

You’re reading the handwriting on the wall. Your company expanded its cloud infrastructure over the last few years, adding more and more Software-as-a-Service (SaaS) applications to its stack in response to remote work. Like 86% of other companies, you expect that this will continue at the same or an accelerated pace. In response to these IT changes, new laws and industry standards expect you to move toward a zero trust architecture.

The way we work has drastically changed since the start of the pandemic. With more companies adopting remote and hybrid work models, there has been a 600% increase in cybercrime and 65% of organizations have seen a measurable increase in attempted cyberattacks, which is particularly problematic since 78% say remote workers are harder to secure.

Did you hear the news? Graylog is on a mission to help make your IT environment and data more efficient and secure by making it super easy to uncover the answers stored in your machine data. At Graylog, coming up with solutions to problems faced by IT and Security professionals is what drives us. Our teams are always working on ways to add meaningful functionality that increases productivity so you can focus your resources on the innovation and core competencies that you’re known for.

Following our February announcement that Devo has been designated as FedRAMP “In-Process,” I’m excited to report that our public sector momentum continues in other key areas. Here are some recent highlights: All of this momentum and growth is an affirmation of the excellence of the Devo Platform and the exceptional quality of our success services to support them. And it also demonstrates Devo’s long-term commitment to serving our customers and partners in the public sector.

The Splunk Threat Research Team has addressed a new malicious payload named AcidRain. This payload, deployed in the ongoing conflict zone of Eastern Europe, is designed to wipe modem or router devices (CPEs).

The Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect the Spring4Shell attack vector. This post shares detection opportunities STRT found in different stages of successful Spring4Shell exploitation. At the time of writing, there are two publicly known CVEs: CVE-2022-22963, and CVE-2022-22965. The Splunk Security Content below is designed to cover exploitation attempts across both CVEs.