A recent study by Sophos has added more fuel to the RDP fire, confirming that the exploitation of this service, when not adequately protected, remains one of the preferred techniques to compromise an organization. Not only has the exposure of RDP servers, driven by the pandemic, led to an exponential increase of brute-force attacks against this service, but it has also encouraged a flourishing market of initial access brokers.

DevSecOps follows the same trend as Agile and DevOps: how can developers create software that’s better, faster, and less expensive? The DevSecOps motto — “software, safer, sooner” adds the missing piece to the latest approach to quicker product development. Security, previously an afterthought in the product development lifecycle, is now becoming an integral part of the process.

Cloud programs like Slack and Google Drive allow businesses to work collaboratively and efficiently, often at a low cost. However, these cloud platforms open a business up to new levels of risk: sharing information via cloud programs can put customer data at risk. Cloud security architecture provides a way to recognize and remedy vulnerabilities that result from using cloud service providers (CSPs).

Many organizations recognize the emergent need to discover, classify, and protect their sensitive information stored in cloud applications (SaaS) and infrastructure (IaaS) via a dedicated cloud content inspection process. However, cloud-native detection engines are a relatively new technology, and many corporate Information Security teams or Product Security developers are, understandably, not yet familiar with how to effectively evaluate cloud content detection.

In an earlier blog post, we spoke about building your own ProblemChild framework from scratch in the Elastic Stack to detect living off the land (LOtL) activity. As promised, we have now also released a fully trained detection model, anomaly detection configurations, and detection rules that you can use to get ProblemChild up and running in your environment in a matter of minutes.

The CYBERTECH100 is a list of the world’s most innovative companies that every financial institution ‘needs to know about’ to help combat cyber threats in 2021. Redscan was selected in recognition of ThreatDetect™, our Managed Detection and Response service, from over 1,000 companies who submitted their products and services for consideration.

CVE-2021-22116, CVE-2021-33175, and CVE-2021-33176 are denial of service vulnerabilities in three popular open source message broker applications.

Code Dx adds software vulnerability correlation, prioritization, and consolidated risk reporting. Today, Synopsys announced the acquisition of Code Dx, the provider of an award-winning application security risk management solution that automates and accelerates the discovery, prioritization, and remediation of software vulnerabilities.

At Splunk, we’re constantly on the hunt for new and emerging threats — tirelessly developing detection techniques to zero in on bad actors, while sharing key intelligence around cybercrime activity. But because threat intelligence can relate to so many different things — ranging from spear phishing campaigns to dark web dealings — it can be a challenge to cover and define all the specifics of what (or who) to look out for.

Businesses in Singapore face mounting challenges to protect customer data as a result of the newly enacted Personal Data Protection (Amendment) Bill (PDPA). With higher penalties expected to be levied from February 2022, it’s imperative that enterprises, particularly those collecting customer data, have a solid information security framework and incident response plan in place.