If the global cybercrime forecast took the form of a weather report, it might go something like this: The extended outlook calls for continued online lawlessness, scattered malware attacks and an ongoing blizzard of data breaches. After all, with experts predicting that the cybercrime epidemic will cost the world $6 trillion annually by 2021 as the shortage of qualified cybersecurity professionals climbs to 3.5 million unfilled positions, the metaphor of dark skies is hardly an exaggeration.

In 2020, car manufacturer Honda fell victim to a ransomware attack. Using a payload called “update.exe,” the attack crippled Honda’s international customer service and Financial Services wing for days. Although it affected two customer facing branches of this global corporation, the ransomware was designed to target and breach Honda’s critical ICS/SCADA environments.

Buffers are regions of memory storage that temporarily store data while it’s being transferred from one location to another. A buffer overflow, also known as a buffer overrun, takes place when the volume of data is more than the storage capacity of the memory buffer. Resultantly, the program that tries to write the data to the buffer replaces the adjacent memory locations. If a user enters 10 bytes, that is 2 bytes more than the buffer capacity, the buffer overflow occurs.

Limited budgets, limited staff, limited time. Any security professional will have dealt with all of these repeatedly while trying to launch new initiatives or when completing day-to-day tasks. They are possibly the most severe and dangerous adversaries that many cybersecurity professionals will face. They affect every organization regardless of industry, size, or location and pose an existential threat to even the most prepared company.

The Splunk Security Research Team has been working on Kubernetes security analytic stories mainly focused on AWS and GCP cloud platforms. The turn has come now for some Azure Kubernetes security monitoring analytic stories. As outlined in my "Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk" blog post, when looking at Kubernetes security, there are certain items within a cluster that must be monitored.

The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, which continues to hover above 150 days on average.

In IT security debates, projects aimed at managing access and identifying users are considered fundamental. However, the processes and technologies for controlling permissions have proved challenging. To solve this dilemma, what is now called Identity Access Management (IAM) was created, which involves the definition and execution of identification processes related to the most critical businesses for a company.

We know “go hack yourself,” but what about unhack yourself? According to Laura and Tom (@TomNomNom), it means understanding how something is built and how it works, before you can know if you’ve successfully hacked it apart. There were many valuable soundbites to take from this dynamic conversation between host Laura Kankaala and guest Tom Hudson of Detectify.

There is a common thread between academy-award winner, Leonardo Dicaprio and the indispensability of know-your-customer (KYC). For most of you Dicaprio fans out there, you would have guessed it by now, that connection is the blockbuster ‘Catch me if you can(2002)’[1]. Dicaprio portrays a master con artist, who some consider as the best of all-time, Frank Abegnale.

Businesses of all sizes are moving to the cloud to take advantage of the greater data availability, significant cost savings and data redundancy that cloud computing provides compared to a traditional data center-based physical infrastructure. Moving to the cloud can also reduce shadow IT and get data stores out from storage closets and underneath desks so they can be governed and protected in compliance with regulations and best practices.