CVE-2020-28052 is an authentication bypass vulnerability discovered in Bouncy Castle’s OpenBSDBcrypt class. It allows attackers to bypass password checks.

This blog is part two of Splunk's Sunburst Backdoor response aimed at providing additional guidance to our customers (you can read part one, "Using Splunk to Detect Sunburst Backdoor," by Ryan Kovar). In this blog, we’ll cover how to ingest threat indicators to combat Sunburst Backdoor in Splunk Enterprise Security (ES).

Employee Monitoring is the process of tracking employee activities such as app use, internet browsing, email communications, file transfers etc. An employee monitoring solution allows a business to keep an eye on its users so that they cannot put the organization in harm’s way intentionally or accidentally by leaking sensitive data, sabotage, fraud, theft or other miscreants.

SAN FRANCISCO – December 16, 2020 – Reciprocity, the company behind ZenGRC, the industry-leading information security risk and compliance solution, today announced ZenGRC has earned two badges on the G2 Winter 2020 Grid Report. This marks the 15th consecutive quarter ZenGRC has been recognized by G2 in its quarterly report. G2 is a peer-to-peer business solutions review website, leveraging customer feedback to rank the best business software and services.

Many of our customers rely on the Amazon Web Services (AWS) Well-Architected Framework as a guide to build safe, secure, and performant applications in the cloud. AWS offers the Well-Architected Review (WAR) Tool as a centralized way to track and trend adherence to Well-Architected best practices. It allows users to define workloads and answer a set of questions regarding operational excellence, security, reliability, performance efficiency, and cost optimization.

Breaches and cyberattacks are on the rise in the healthcare industry. The recent acceleration of digital technology and connectivity within Healthcare has led to significant patient care delivery improvements, more effective population health management, and better patient outcomes. With this increased technology and connectivity, however, comes increased exposure to cyberattacks that can impact patient care delivery, safety, and privacy.

The global security community recently learned of a supply chain attack against SolarWinds via their Orion® Platform. In this blog we are providing recommendations for Sumo Logic customers to gain a deeper understanding of how to utilize available Indicators of Compromise (IOCs) within our Cloud SIEM offerings to determine your exposure to the attack. Additionally, we’re sharing targeted search recommendations from our Sumo Logic Special Operations (or SpecOps) threat hunting team.

For many businesses, global third-party vendors have become an important source of strategic advantage and business value. Yet outsourcing is not without its risks. As reliance on third-parties continues to grow, so does the number of headline stories of regulatory action and reputational damage that arise from third-party breaches or failure. Those driving organizations need to reconsider how they approach, identify and manage third-party risk.

Apache Tomcat is the leading Java application server by market share and the world's most widely used web application server overall. Currently at version 8, the popular web server has not been without its security flaws, perhaps most famously publicized in this incident of aircraft hacking by security researcher Chris Roberts earlier this year. However, hardening Tomcat's default configuration is just plain good security sense—even if you don't plan on using it on your plane's network.

When it comes to application security (AppSec), most experts recommend using Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) as “complementary” approaches for robust AppSec. However, these experts rarely specify how to run them in a complementary fashion.