TOR was created with the idea of anonymizing connections across the Internet, but as in other instances, this can be used by attackers to hide themselves. In this article, we will describe how easy it is to detect inbound and outbound network connections through the TOR network using Falco.

The way we work has drastically changed since the start of the pandemic. With more companies adopting remote and hybrid work models, there has been a 600% increase in cybercrime and 65% of organizations have seen a measurable increase in attempted cyberattacks, which is particularly problematic since 78% say remote workers are harder to secure.

Across a health system’s digital terrain, the most vulnerable assets are connected medical devices. If those devices become compromised, the infiltration could impact a patient’s privacy, health and safety. Moreover, it could shut down care delivery for days, weeks or longer, with long-lasting financial and reputational impacts. According to Deloitte, an estimated 70% of medical devices will be connected by 2023.

Apple has recently released OS updates for multiple operating systems, addressing known and exploited security vulnerabilities along with previously unknown ones. During the past week, various data security organizations like the US Cybersecurity and Infrastructure Security Agency and Indian Computer Emergency Response Team have issued warnings asking users to install the latest updates on their Apple devices as soon as possible to avoid possible exploitation of devices and device data.

AT&T Alien Labs does a tremendous job of developing and maintaining a database of observed Indicators of Compromise (IOC) that have been involved with at least one customer through the Open Threat Exchange (OTX).

Data privacy is a priority objective for businesses today, particularly after the European Union's General Data Protection Regulation (GDPR) became enforceable in 2018, as this law protects European citizens’ personal data and requires organizations to change some of their work processes.

This morning we announced Corelight Investigator, an open NDR platform that enables security teams with the next-level evidence they need to disrupt attacks and accelerate threat hunting through an easy-to-use, quick-to-deploy SaaS solution. How does it work? Investigator combines battle-tested network evidence with intelligent alert scoring to deliver prioritized alerts tied to correlated evidence, enabling analysts to cut through the queue and accelerate incident response.

In 2011, my co-founders Azi Cohen, Ron Rymon, and I founded WhiteSource with a mission to automate all tasks surrounding the use and security of open source software. We were pioneering the software composition analysis (SCA) market before it had a name. Over the years, we’ve evolved to offer more value to our customers beyond our founding purpose.

During the course of 2022, SecurityScorecard has been tracking multiple DDoS campaigns that have been targeting entities within the Ukrainian government, as well as other European government targets that are perceived to be allied with Ukraine government interests. One of the groups at the forefront of these DDoS attacks is the hacking collective known as KillNet.