According to our most recent cloud security report, most cloud security incidents are the result of compromised credentials for either human or non-human identities. Once an attacker successfully controls an identity, such as a highly privileged user account, they can quickly move to other areas of an environment, including prevalent targets like sensitive data stores. This pattern of behavior is similar across all cloud platforms and services.

Protecting their private data is always a task for businesses in today's cyber world, where data breaches and cyberattacks are steadily on the rise. One of the biggest threats to data privacy and security is data leakage, which happens when private information leaves an organization's secure setting either by accident or on purpose. Companies all over the world are realizing they need Data Leakage Protection (DLP) options right away because of the growing number of high-profile data breaches.

As the holiday shopping season kicks into high gear, cybercriminals are gearing up too. This year, alongside the usual suspects, we're seeing some crafty new scams, so let’s take a look at some of the ones you should be most careful of during Black Friday, Cyber Monday and Giving Tuesday. AI-Generated Fake Reviews AI has allowed scammers to flood product pages with well-written and convincing fake reviews of products.

While most security teams now have systematic processes in place for identifying vulnerabilities and responding to targeted threats, large-scale security incidents that affect many organizations globally are now an increasingly common occurrence. The Crowdstrike outage in July, while not specifically a security incident, demonstrated how targeted breaches or failures in our security infrastructure can have a ripple effect across entire industries and disrupt critical aspects of everyday life.

Distributed Denial of Service (DDoS) attacks are cyberattacks that aim to overwhelm and disrupt online services, making them inaccessible to users. By leveraging a network of distributed devices, DDoS attacks flood the target system with excessive requests, consuming its bandwidth or exhausting compute resources to the point of failure. These attacks can be highly effective against unprotected sites and relatively inexpensive for attackers to launch.

Maintaining robust cybersecurity defenses comes with significant costs, but one area that often exceeds is the ongoing administration of Security Information and Event Management (SIEM) systems. The expenses associated with logging, storing, and managing SIEM data can escalate rapidly, especially when compounded by compliance and regulatory requirements. What are these hidden costs and how can you mitigate them while also ensuring compliance?

Managing sensitive data while meeting compliance and security standards is an ever-growing challenge for organizations. Today, secure data management is a top priority, especially in industries like healthcare, finance, and fintech. This focus is expected to intensify in the coming years. To address these needs, privacy vault solutions like Databunker, Skyflow, and Piiano have emerged. Each offers unique capabilities tailored to specific use cases.

2024 was a thrilling year for Graylog Capture The Flag (CTF) events! Across major cybersecurity conferences, Graylog invited participants to test their skills in a range of challenging scenarios designed to simulate real-world cyber threats. From North America to Europe and beyond, we saw cybersecurity professionals and enthusiasts go head-to-head in Graylog CTFs, flexing their skills, deepening their knowledge, and having fun along the way.

In today’s cyber attack scene, data often takes a detour – straight through hackers’ systems. Unlike phishing or ransomware, which aim to trick users into handing over credentials or stealing data directly from systems, a Man-in-the-Middle (MitM) attack involves an unseen intermediary trying to fool each of two parties into thinking he’s the other one, capturing and/or altering information communicated between the parties, etc.

Why are so many security teams migrating from legacy SOAR tools to next-gen solutions? This was one of the topics up for discussion as Tines engineer Whitney Young joined host Adrian Sanabria on the Enterprise Security Weekly podcast. Read on for a behind-the-scenes look at Whitney’s process for legacy SOAR migrations, including her top tips for teams considering a switch.