Security

What is CSPM (Cloud Security Posture Management)?

Dec 16, 2021 By Catherine Chipeta In UpGuard

Cloud Security Posture Management (CSPM) is a category of cybersecurity tools that enhance cloud data security. CSPM is a relatively new concept, emerging from the ongoing rise of organizations moving their legacy workflows to the cloud.

Read Post

UpGuard

Read more about What is CSPM (Cloud Security Posture Management)?

log4jShell - Do you know what you don't know?

Dec 16, 2021 By Chiara Regale In Forward Networks

Is it just me or is the announcement of a significant CVE becoming a holiday tradition? Discovered on December 9, 2021 by Minecraft players, the Apache Log4Shell vulnerability is a uniquely insidious because it infects servers which are traditionally well insulated from attacks and perceived as unreachable by an intruder and not at risk for CVEs. Log4Shell is an entirely different can of works that proves this assumption wrong.

Read Post

Forward Networks

Read more about log4jShell - Do you know what you don't know?

Detecting Log4j via Zeek & LDAP traffic

Dec 16, 2021 By Corelight Labs Team In Corelight

We recently discussed some methods for detecting the Log4j exploit, and we’ve now developed another method that everyone running Zeek® or a Corelight sensor can use. Our new approach is based on the rarity of legitimate downloads of Java via LDAP. Zeek does not currently have a native LDAP protocol analyzer (though one is available if you are running Spicy). This will not stop you from detecting this exploit downloading Java over LDAP, though. To see how, read on.

Read Post

Corelight

Read more about Detecting Log4j via Zeek & LDAP traffic

Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Grant's Nursery and Farm

Dec 16, 2021 By WatchGuard In WatchGuard

Running a farm means monitoring every inch across 100s of acres of land. WatchGuard’s Wi-Fi solution helps Grant’s Nursery and Farm stay connected whether they’re at the roots or trimming the tops of trees.

View Video

WatchGuard

Read more about Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Grant's Nursery and Farm

Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Charge Up Coffee

Dec 16, 2021 By WatchGuard In WatchGuard

Running a small business has a never-ending list of tasks that needed to be done yesterday. WatchGuard’s network of service providers helps business like Charge Up Coffee Shop keep their customers and employee secure so they can focus on their products.

View Video

WatchGuard

Read more about Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Charge Up Coffee

Explaining Log4j2 And Handling The Next Zero-Day Vulnerability | Synopsys

Dec 16, 2021 By Synopsys In Synopsys

Looking to understand why everyone is talking about the Log4j2 vulnerability? Our Synopsys Security Experts will guide you through.

View Video

Synopsys

Read more about Explaining Log4j2 And Handling The Next Zero-Day Vulnerability | Synopsys

The Power of Splunk: Security

Dec 16, 2021 By Splunk In Splunk

Shape-shifting threats. Nefarious plots. A deluge of alerts. Nope, it’s not a new sci-fi movie. These are the things security teams are up against today. But Splunk is here to help. Watch the video to see how Splunk helps companies defeat threats and outsmart risks.

View Video

Splunk

Read more about The Power of Splunk: Security

How to Keep Your Data Secure in Light of Apache Log4j Vulnerabilities

Dec 16, 2021 By Hank Schless In Lookout

In quick succession in December, The Apache Software Foundation released information on two critical vulnerabilities in its Log4j Java-based library. The first vulnerability CVE-2021-44228, also known as Log4Shell or LogJam, was reported as an unauthenticated remote code execution (RCE) vulnerability. By exploiting how the library logs error messages, it could lead to a complete system takeover.

Read Post

Lookout

Read more about How to Keep Your Data Secure in Light of Apache Log4j Vulnerabilities

The DHS is inviting hackers to break into its systems, but there are rules of engagement

Dec 16, 2021 By Graham Cluley In Tripwire

The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks.

Read Post

Tripwire

Read more about The DHS is inviting hackers to break into its systems, but there are rules of engagement

The "Office of the CISO": A New Structure for Cybersecurity Governance

Dec 16, 2021 By Tripwire Guest Authors In Tripwire

When it comes to cybersecurity governance and management, there is no “one size fits all” approach. Today’s CISOs have a far wider range of responsibilities than their predecessors as heads of IT security. The CISO role is no longer purely technical, focused on hardware and endpoint protection and on operations within the organisational perimeter. Today’s CISO is as likely to be involved with software security, cloud applications, security awareness, and user training.

Read Post

Tripwire

Read more about The "Office of the CISO": A New Structure for Cybersecurity Governance

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

What is CSPM (Cloud Security Posture Management)?

log4jShell - Do you know what you don't know?

Detecting Log4j via Zeek & LDAP traffic

Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Grant's Nursery and Farm

Ugly Sweaters, Season's Greetings, and Cybersecurity Advice - Charge Up Coffee

Explaining Log4j2 And Handling The Next Zero-Day Vulnerability | Synopsys

The Power of Splunk: Security

How to Keep Your Data Secure in Light of Apache Log4j Vulnerabilities

The DHS is inviting hackers to break into its systems, but there are rules of engagement

The "Office of the CISO": A New Structure for Cybersecurity Governance

Monthly Archive

Follow Us