Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
How to detect MFA spamming with Falco
Threat actors continue to evolve methods to access valid credentials using new techniques such as multi-factor authentication or MFA spamming that we must detect. On Sept. 15, the security world was worked into a frenzy across social media as details of Uber’s “cybersecurity incident” were revealed.
DDoS Attacks in the Financial Industry: How to Protect Your Infrastructure and Payments
While Distributed Denial of Service (DDoS) attacks have been around for over a decade, they still continue to evolve and escalate, particularly during 2022. The tense geopolitical situation caused by the Russian invasion of Ukraine has affected the nature and intensity of these types of attacks, making states official participants in the DDoS mitigation market.
Introducing Change Control
Companies depend on Tines to automate their mission-critical security workflows. We take this responsibility extremely seriously, and we’re always enhancing our platform’s capabilities to make it even more trustworthy and reliable. Today, we introduced Change Control. When enabled, it adds a test environment to your Story, allowing you to prototype and experiment with changes, before applying them to your Story.
Updated Guidance for Microsoft Exchange Zero-Day Vulnerabilities Exploited in the Wild
On Wednesday, October 5, 2022, Microsoft published updated mitigation guidance for two zero-day vulnerabilities in Microsoft Exchange Server: CVE-2022-41040 (SSRF vulnerability) and CVE-2022-41082 (RCE vulnerability). Arctic Wolf covered initial assessments on this blog post. Organizations that run Microsoft Exchange on-prem or in a hybrid model should complete both Microsoft provided mitigations to reduce the potential for successful exploitation.
Additional Updated Guidance for Microsoft Exchange Zero-Day Vulnerabilities Exploited in the Wild
Late Wednesday, October 5, 2022, Microsoft published additional updated mitigation guidance for the two zero-day vulnerabilities in Microsoft Exchange Server that were exploited in the wild: CVE-2022-41040 (SSRF vulnerability) and CVE-2022-41082 (RCE vulnerability).
Cybersecurity Awareness Month: Why You Need To Use Strong Passwords
To kids, their Halloween candy stash might as well be a treasure chest. It is their most valuable possession and must remain hidden from pirates … or at least siblings dressed up like pirates. I grew up in a big family. With many kids in the house sharing the same love for Reese’s Peanut Butter Cups, I knew the value of my candy. I knew how important it was to keep it secure. I’d count the pieces multiple times a day.
Compromising Plaintext Passwords in Active Directory
A lot of attention gets paid to preventing pass-the-hash and pass-the-ticket attacks, but these tactics limit adversaries to what they can perform from the command line. Compromising a plaintext password gives an attacker unlimited access to an account — which can include access to web applications, VPN, email and more. One way to extract plaintext passwords is through Kerberoasting, but this brute-force technique takes a lot of time and patience.
Cloud security fundamentals part 1: Know your environment
140,000 Social Security numbers and about 80,000 bank account numbers — that’s what one attacker stole from a major financial institution back in 2019. How did it happen? The attacker used firewall credentials to obtain privilege escalation and hack into improperly secured Amazon cloud instances.
Universities take 207 days to detect a data breach
Although cyberattacks on higher education institutions date back years, there has been a spike in university cyberattacks over the last two years. Cybercriminals had taken advantage of the rapid transition to hybrid learning that higher education institutions have been forced to implement before they had time to strengthen their cybersecurity, which has left most of them exposed. This is yet another example of accelerated adoption of new technologies before security measures are in place.
Improve Threat Hunting with Long-Term, Cost-Effective Data Retention
What if you could easily extend the retention of your CrowdStrike Falcon® detection data for a year or longer? Would that help with compliance? Investigations? Threat hunts? In Part 1 of this series, we covered the basics of Falcon Long Term Repository (Falcon LTR). To recap, Falcon LTR is an option available to Falcon customers. It offers a simple and cost-effective way to retain your Falcon detection data long term, which has historically been a costly and complex endeavor for security teams.