
Latest News

Elastic Global Threat Report Breakdown: Credential Access

In the second part of our series breaking down the Elastic Global Threat Report, we’re focusing on the credential access tactic, which was the third-most common category of behavior we observed. Roughly 10% of all techniques we saw involved one form of credential theft or another, and dissecting this class of behaviors helps both to improve our understanding of threats and to better understand enterprise risks.

Using Workflow Actions & OSINT for Threat Hunting in Splunk

Picture yourself, a threat hunter using Splunk, and the words "workflow action" are uttered by your helpful security Splunker... Workflow actions make you a faster and more effective security analyst. They allow you to skip the laborious steps of logging into various websites to do your job and just get straight to business.

Can You Teach Legacy IoMT New Tricks?

In the ever-changing world of IoT, early adopters of this technology, including many medical and manufacturing organizations, are finding that the devices they so heavily invested in are now less secure than ever. You might think that the only solution is to replace existing technology with new greenfield devices, but is there a way to extend the life of existing equipment, minimizing the cost of new technology and the overall impact your corporation has on the environment?

6 Steps to Ensure a More Secure Supply Chain Environment

Threat groups intending to cause widespread damage often opt to use a supply chain attack, as seen in the massive supply chain compromise that struck VoIP software provider 3CX on March 29. Trustwave SpiderLabs has issued a blog detailing the attack and upcoming steps to mitigate the problem. Striking an organization's supply chain simplifies the attack process: instead of striking multiple targets, the attacker focuses on breaching one organization that is key to many others.

10 Reasons why businesses need mobile device management (MDM)

Mobile device management (MDM) refers to a type of software that allows businesses to manage, configure and secure mobile devices used by their employees. Companies use MDM solutions to maintain a secure environment across all the mobile devices they own or have access to, as well as provide features such as remote wipe, password policies, application management and data protection. This helps them ensure security while providing their employees with access to the applications and data they need.

Octiga Vs Flying Solo with Office 365 Security for MSPs

For someone who interacts with managed service providers daily, I am often asked to highlight the differences between our Office 365 security app Octiga and a SIEM that provides similar functionality OR a Microsoft native tool such as Secure Score. I thought, why not create an informative piece for our users who wish to understand Octiga services better?

The Top Cyber Attacks of March 2023

What do public school students, BMW dealers, Canadian defense engineers, and the world’s richest human have in common? They all fell victim to some manner of cybercrime during March. We’ve seen time and time again that no group is off-limits in the world of cybercrime, and the span of attacks we’re covering this month highlights cybercriminals’ lack of preference when there’s data and money on the line.

Shielding Critical Infrastructure: Conquering Ransomware with Keeper Security Government Cloud

The Biden Administration’s 35-page National Cybersecurity Strategy released in March 2023 emphasizes the growing importance of cybersecurity for both private companies and federal agencies. The strategy specifically highlights ransomware as a significant concern, particularly in terms of its impact on private companies that collaborate with the federal government or are critical to national security.