If you've already heard about the Apache Log4j CVE-2021-44228 (also known as Log4Shell and formally LogJam) vulnerability then you will know that this is a significant issue as many organisations are scrambling to secure their infrastructure from this critical remote code execution (RCE) vulnerability. With these considerations in mind, we wanted to bring you a guide that outlines the steps that can be followed to ensure the security of your systems from CVE-2021-44228.

Today's threat actors are well-organized, highly skilled, motivated, and focused on their targets. These adversaries could be lurking on your network or threatening to break into it, using increasingly sophisticated methods to reach their goal. Simply put, there's often no need for adversaries to deploy malware at the early stages of the attack.

Modern software projects are mostly composed of open source code. The question of who really controls this code, and is responsible for detecting and fixing software supply chain security issues, became a significant source of concern after the discovery of the Log4Shell vulnerability.

In my decade working in the cybersecurity industry, I’ve developed quite a few fond memories learning from talented security professionals. In 2015, I found myself working with Andy Pendergast at ThreatConnect. (As a little background, Andy is one of the fine folks who developed the Diamond Model for Intrusion Analysis. He is considered to be a veritable cybersecurity encyclopedia among his peers.) At the time, I was new to cyber threat intelligence (CTI).

The whole point of an SBOM is lost if you keep it a secret. Here we reveal our secrets of the ideal SBOM exchange. Let us know if we’ve missed anything in RKVST SBOM Hub. SBOMs are made for sharing and are the gifts that keep on giving, but only if they get to the right place at the right time to drive the right critical decision. The first critical decision, or moment of truth, is whether to buy a vendor’s product.

It’s critical for software developers that users trust the software they’ve developed. Users have the full right to know that the software they’re downloading comes from a trusted source and not any malicious third party. And a code signing certificate helps you achieve that same trust.

One of the primary ways that adversaries gain access to environments is through valid credentials. Because of this, maintenance and auditing of user accounts is an integral part of maintaining a good security posture. When an employee leaves a company or organization, it is important that all associated accounts be removed and permissions revoked. If these accounts are not removed, they are a potential avenue for attackers to enter a network.

The second a system is connected to a network, it becomes vulnerable to a cyber attack. We’ve seen news of companies experiencing cyber attacks across different industries more often than we can count. But now that the automotive industry has joined the digital bandwagon, cybersecurity threats and attacks are also becoming an issue.

Digital cookies have become a ubiquitous tool in how websites identify visitors, understand their online behaviour, and make browsing more convenient for the user. Cookies are small text files which store data to identify your computer. Cookies aren't necessarily bad. They're useful for encryption, delivering webchats, improving marketing campaigns by personalising the content displayed, and many other digital services.

In 2021, malicious Office documents accounted for 37% of all malware downloads detected by Netskope, showing favoritism for this infection vector among attackers. This is likely due to the ubiquitous usage of Microsoft Office in enterprises across the globe. Throughout 2021 we have analyzed many techniques used by attackers to deliver payloads through infected documents, which included the return of Emotet, a campaign that primarily uses infected documents to spread malware.