Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Press information: Detectify sees significant increase in detected vulnerabilities powered by its Crowdsource community

“Crowdsourced security provides a way for security teams to expand their efficiency, especially when it comes to managing their external attack surface,” said Rickard Carlsson, Co-founder and CEO of Detectify. “Hackers have eyes and ears all over the web, and they’re constantly monitoring attack surfaces for exploitable entry points.

Log4Shell in the Field - A Brief Analysis Through January 2022

This is a follow-up to our previous blog posts covering the Log4j vulnerability and the Deep Scan tool we made available to help identify vulnerable systems. As we close the first month of 2022, we looked into the activity related to the Log4Shell vulnerability CVE-2021-44228 observed across our 2,3000+ customers. Many of you will empathize with the struggle to find all instances of the vulnerable Log4j component, especially at the scale that comes with having a large customer base.

CVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability

During an investigation of a malware campaign, I discovered that multiple emails were bypassing a specific email security system. Interestingly, there were no bypass techniques used. Instead, the flood of spear-phishing emails made the email security system allow some of the emails, at which point I began my research on Microsoft Outlook. The issue in this case was that the specially crafted malicious link parsing on the security system was weak.

Adopt user analytics to accelerate security investigations

Machine data analytics is the process of parsing data generated by software from a wide variety of sources including servers, networks, applications and financial records. These, and many other similar sources, produce massive amounts of data including from local operating systems, identity/access management tools, cloud consoles and their associated log files, alerts, scripts and profiles.

Steps to Stay Ahead of Risks and Protect Data Privacy

Technology has advanced our world in countless ways. Every day we bank, shop, conduct business and exchange photos and messages with family and friends online. While digital devices and services offer great convenience, they also pose risks to our data and privacy as the separation between our offline and online lives converges. Data Privacy Week, spanning January 24-28, serves as an important reminder of the importance of protecting our privacy and safeguarding personal information.

Dark Overlord collaborator imprisoned for trading stolen identities

A Canadian man has been handed a three-year prison sentence after being found guilty of buying and selling over 1700 stolen identities on a dark web marketplace. 29-year-old Slava Dmitriev, who went by the online handle of “GoldenAce”, bought and sold individuals’ personal private information, including social security numbers, on the AlphaBay dark web marketplace in 2016 and 2017.

How to Perform HIPAA Risk Assessment

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires healthcare entities to implement policies and procedures to safeguard the privacy and security of the protected health information (PHI) of patients. One core requirement is to perform risk assessments. This article explains what a risk assessment is according to HIPAA and offers guidance about the steps involved.

Will digitalization turn to be a catch-22 for cybersecurity in 2022?

As organizations became increasingly interconnected globally, every business started adapting to the digital model for all their transactions, fearing that otherwise they would be left behind in the race. Unfortunately, this has turned out to be a catch-22 as threats to cybersecurity are continually increasing. The rise in attacks was partly due to Log4j, which helped to boost cyberattack attempts to an all-time high in Q4 2021.

Threat Advisory: STRT-TA02 - Destructive Software

The Splunk Threat Research Team is monitoring open channel intelligence and government alerts indicating the possibility of malicious campaigns using destructive software in relation to ongoing geopolitical events. Based on historical data of named geopolitical actors, the use of destructive payloads has been observed in past campaigns.

Data Protection vs. Data Privacy

Advanced cybersecurity threats have heightened the harm of data breaches. At the same time, individuals have become increasingly aware of the information they share with companies, and expect organizations to protect that sensitive information. These two trends have led companies to invest in information security and data privacy practices.