Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

FBI warns of Ranzy Locker ransomware threat, as over 30 companies hit

The FBI has warned that over 30 US-based companies had been hit by the Ranzy Locker ransomware by July this year, in a flash alert to other organisations who may be at risk. According to the alert, issued with the Cybersecurity and Infrastructure Security Agency (CISA), most of the victims were compromised after brute force credential attacks targeting Remote Desktop Protocol (RDP) to gain access to targets’ networks.

Welcome to Nightfall's Engineering Blog

From our beginnings as childhood friends to coming up together in the tech industry, Isaac and I would catch up on our adventures as professionals working in Silicon Valley: him in the VC world, and me as an engineer at Uber Eats. We’re both very interested in entrepreneurship, so we would always come back to discussing various business ideas, including a topic we’d both become intrigued with — the existing challenges enterprises faced with cloud data security.

New CCO's Mission: Create a World-Class Experience for Devo Customers

Johannes Loeffler recently joined Devo as chief customer officer. He and his worldwide team are responsible for accelerating Devo’s efforts to provide customers with a seamless and superior customer experience. I joined Devo because I saw an amazing company with huge potential that is disrupting the logging and SIEM market. Devo’s solutions and services provide incredible value to our customers. And our customers are loyal to us, which is something money can’t buy.

Lift Your Spirits With Splunk SOAR

Halloween is just around the corner and we’re looking forward to trick-or-treating, donning our best costumes, and watching movies. A few of my favorite movies that I watch around Halloween time remind me of our most recent Splunk SOAR updates. Is that a stretch? Possibly. But hey it’s Halloween, let’s have some fun and I’ll try to make it as humerus as possible 💀

Supply Chain Shock: Realities About the Security of the Software Supply Chain

News reports on attacks on the “supply chain” are becoming an almost every-day occurrence. First there was SolarWinds, then Kayesa, followed by countless other large and small supply chain attacks. Global businesses, economies, and lives are intricately connected to each other through applications and the internet. When critical systems are attacked and operations are affected, the downstream problems quickly become apparent.

Code similarity analysis with r2diaphora

Binary diffing, a technique for comparing binaries, can be a powerful tool to facilitate malware analysis and perform malware family attribution. This blog post describes how AT&T Alien Labs is leveraging binary diffing and code analysis to reduce reverse-engineering time and generate threat intelligence.

Cloud Infrastructure Entitlements Management (CIEM) with Sysdig Secure

Discover what CIEM Security is and how easy it is to implement with Sysdig Secure for cloud. Over-permissioned accounts and roles is the most common cloud service misconfiguration security problem. Implementing least privilege is a crucial best practice to avoid or mitigate risks of data breaches and contain privilege escalation and lateral movement.

Snyk Code adds Apex, Swift language support + API, GraphQL security

Snyk Code has had a tremendous 2021. It started the year supporting three languages — Java, JavaScript, and TypeScript — and has since added Python, C#, PHP, Ruby, and Go. More languages and features are on the horizon, and in this article, we’re happy to announce the addition of Swift and Salesforce’s Apex support, as well as API and GraphQL security. Let’s get into it!

Arctic Wolf Survey Unveils Where Firms Now Stand on Cyber Insurance

This August we commissioned a survey of over 1,400 senior IT decision-makers and business executives in the US, UK, and Canada. Our initial publication of the findings dug deep into their thoughts and attitudes on many issues, including nation-state attacks and hybrid work. In addition, however, our survey featured several questions on cyber insurance. So in this article, we’ll provide the cyber insurance insights shared by the survey respondents.