A new adversary simulation tool is steadily growing in popularity among red teamers and, most recently, adversaries. Brute Ratel states on its website that it "is the most advanced Red Team & Adversary Simulation Software in the current C2 Market." Many of these products are marketed to assist blue teams in validating detection, prevention, and gaps in coverage.
On Sept. 29, 2022, cybersecurity organization GTSC publicized a report outlining attacks they have seen in the wild targeting as-yet unpatched vulnerabilities in Microsoft Exchange. When successfully exploited, this combination of vulnerabilities results in an authenticated Remote Code Execution (RCE) attack. Until a patch is issued, Microsoft has posted a security bulletin detailing a workaround.
Splunk Vulnerability Disclosure SVD-2022-0604 describes an attack in which dashboards in certain Splunk Cloud Platform and Splunk Enterprise versions may let an attacker inject risky search commands into a form token.
Cyber hygiene has become a highly visible topic in all business segments. Creating software and new features happens at a very fast pace — requiring lots of internal processes and operations to keep this up to date. However, it's also very important to be concerned with the fundamentals of information security in order to keep the company's digital assets protected. In this post, we'll discuss in detail the concept of cyber hygiene and some good practices to follow.
Classic (SimpleXML) dashboards are a powerful tool for you to share information with users and can include links for users to continue their investigations in other pages. As you likely already know, you can include external content in your Classic dashboard using HTML panels. You can also include external links or configure drilldowns to external URLs.
Every second, as your IT systems run every facet of your business, they are also creating data related to the health, performance and security of the systems themselves. This information, known as log data, is vital to SecOps, ITOps and DevOps teams as they seek to understand how the IT environment is functioning — and how secure those assets are.