Companies spend a huge amount of their budget trying to build, manage, and protect cloud environments. Since there is no industry standard for sharing data feeds between development and security, each team is on an island trying to figure out how to keep their side of the room clean. The most robust security incident response teams understand the incredible value of using observability telemetry for security workflows, but are unsure how to make it happen in practice.

Organizations are constantly on the lookout for more efficient, streamlined solutions to bolster their security posture.

On July 19, 2024, CrowdStrike, a global cybersecurity company, experienced a significant outage caused by a faulty software update. This incident impacted millions of Windows machines across multiple industries, including transportation, defense, manufacturing, and finance. CrowdStrike has released an official statement and is posting updates on their blog. Microsoft has also published a blog with remediations, which we encourage you to review.

Over the last five to ten years cybersecurity has become a boardroom subject in the majority of enterprises. This would have never happened without ransomware. Ransomware has been the best board-level awareness tool ever.

Today, the Splunk Threat Research Team is thrilled to introduce ShellSweepPlus, an advancement in our ongoing mission to combat the persistent threat of web shells. Building upon the solid foundation of its predecessor ShellSweep, ShellSweepPlus is an enhanced version that takes web shell detection to new heights, incorporating cutting-edge techniques and a multifaceted approach to safeguard your web environments.

OpenSSH, an application installed by default on nearly every Unix-like and Linux system, has recently come under scrutiny due to a critical vulnerability discovered by Qualys. Designated as CVE-2024-6387 and aptly named "regreSSHion," this flaw exposes Linux environments to remote unauthenticated code execution. The implications of this vulnerability are far-reaching, potentially affecting countless servers and infrastructure components across the globe.