Being a sysadmin basically means being a superhero. Fighting bad guys (aka hackers), helping ordinary people (aka users), saving your home (aka IT environment) from various disasters — it all sounds very heroic, but it’s just an average day in a sysadmin’s life. But superheroes can feel pain as well. Five years ago, we asked brave sysadmins to blow off some steam and complain about their suffering by letting us know what they really hate about their work.

With the new normal adding several more challenges and variables to the security layer, how do you ensure your data is safeguarded without increasing the workload or the headcount of your security team? Using advanced analytics, in tandem with endpoint monitoring applications such as ManageEngine’s Mobile Device Manager Plus and Desktop Central, will help you better visualize and analyze your endpoint data, identify patterns, and establish correlations.

Limited budgets, limited staff, limited time. Any security professional will have dealt with all of these repeatedly while trying to launch new initiatives or when completing day-to-day tasks. They are possibly the most severe and dangerous adversaries that many cybersecurity professionals will face. They affect every organization regardless of industry, size, or location and pose an existential threat to even the most prepared company.

If the global cybercrime forecast took the form of a weather report, it might go something like this: The extended outlook calls for continued online lawlessness, scattered malware attacks and an ongoing blizzard of data breaches. After all, with experts predicting that the cybercrime epidemic will cost the world $6 trillion annually by 2021 as the shortage of qualified cybersecurity professionals climbs to 3.5 million unfilled positions, the metaphor of dark skies is hardly an exaggeration.

In 2020, car manufacturer Honda fell victim to a ransomware attack. Using a payload called “update.exe,” the attack crippled Honda’s international customer service and Financial Services wing for days. Although it affected two customer facing branches of this global corporation, the ransomware was designed to target and breach Honda’s critical ICS/SCADA environments.

Buffers are regions of memory storage that temporarily store data while it’s being transferred from one location to another. A buffer overflow, also known as a buffer overrun, takes place when the volume of data is more than the storage capacity of the memory buffer. Resultantly, the program that tries to write the data to the buffer replaces the adjacent memory locations. If a user enters 10 bytes, that is 2 bytes more than the buffer capacity, the buffer overflow occurs.

The Splunk Security Research Team has been working on Kubernetes security analytic stories mainly focused on AWS and GCP cloud platforms. The turn has come now for some Azure Kubernetes security monitoring analytic stories. As outlined in my "Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk" blog post, when looking at Kubernetes security, there are certain items within a cluster that must be monitored.

The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, which continues to hover above 150 days on average.

Since the outbreak of Covid-19, many organisations have had to make a swift transition to remote working to ensure business continuity. What would typically take months of planning and preparation was implemented in a matter of days. The chaos that this created, combined with the already uncertain nature of life during a pandemic, had created the ideal environment for cybercriminals.