Some of the most damaging data leaks have resulted from poor database security. In March 2020, 10.88 billion records were stolen from adult video streaming website CAM4’s cloud storage servers. In March 2018, 1.1 billion people were the victim of a breach of the world’s largest biometric database, Aadhaar. And, in April 2021, 533 million users had their information compromised when a Facebook database was leaked on the dark web for free.

Cyberattacks in the field of geopolitics are playing an increasingly important role. 2020 was an intense year during which the pandemic was used for disinformation campaigns and there were serious incidents caused by groups linked to foreign powers.

For more information on how to respond to the Log4j vulnerabilities using Splunk products, please see our Log4Shell response overview page. Like most cybersecurity teams, the Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect the Log4j attack vector. This post shares detection opportunities STRT found in different stages of successful Log4Shell exploitation.

A critical vulnerability has been recently discovered in the Apache Log4j Java logging library (CVE-2021-44228), a library used in many client and server applications. The Log4j library is commonly included in Java based software including multiple Apache frameworks such as Struts2, Solr, Druid and Fink. The library provides enhanced logging functionality for Java applications and is commonly used in business system development.

Ransomware and cybercrime have had a major presence in the media this past year with some very prominent attacks happening in 2021 making headlines as well as government-issued executive orders emphasizing the need for stronger cybersecurity. This has resulted in many organizations taking action to bolster their security efforts which can make it difficult for cyber criminals to successfully conduct their attacks.

Cyber threats are everywhere, regardless of your organization’s size or industry. Businesses today must adopt a systematic, disciplined cybersecurity plan to secure vital infrastructure and information systems — that is, a cybersecurity framework. Cybersecurity risk management encompasses identifying, analyzing, assessing, and addressing cybersecurity threats to your organization. In this sense, the first part of any cyber risk management program is a cybersecurity risk assessment.

Amazon Web Services (AWS) provides a large suite of security tools to protect workloads, data, and applications running on AWS cloud infrastructure. Among the 25 AWS-native security solutions, it’s challenging to figure out exactly what your organization needs and why. This article helps simplify your decision by overviewing the top 12 security tools and services offered by Amazon and their uses.

Amazon Web Services (AWS) provides a large suite of security tools to protect workloads, data, and applications running on AWS cloud infrastructure. Among the 25 AWS-native security solutions, it’s challenging to figure out exactly what your organization needs and why. This article helps simplify your decision by overviewing the top 12 security tools and services offered by Amazon and their uses.

Open Policy Agent (OPA) allows developers to accelerate time to market and focus on their differentiated work, instead of spending their time figuring out how they are going to write bespoke authorization policies. With OPA handling authorization decisions across the stack, each service, app or platform API just has to handle enforcement of OPA decisions.