In a recent post by the Splunk Threat Research team, we addressed permanent and temporary token/credential abuse in AWS and how to mitigate credential exposure. With 94% of Enterprises using a cloud service, and some using at least five different cloud platforms, it’s imperative to stay ahead of threats across multicloud environments. Let’s now turn our attention to Google Cloud Platform (GCP) and how to detect and mitigate OAuth Token Abuse.

Malicious Microsoft Office documents are a popular vehicle for malware distribution. Malware families such as Emotet, IcedID, and Dridex use Office documents as their primary distribution mechanism. Several recent Emotet attacks used a novel approach to sending email baits and hosted the malicious documents in cloud apps to increase their success.

Over five years ago, Adrian Bridgwater wrote a Forbes article pronouncing that “If Software Is Eating The World, Then Open Source Will Chew It Up (And Swallow).” That statement is just as true today. Open source components have become a basic building block for software developers, providing them with ready-made solutions from a vast community that help them keep up with today’s speedy and frequent release cycles.

FinTech isn't new, but the reach of its usefulness continues to spread into unexpected areas. One such area is card issuing. Card issuing is the ability of financial institutions to issue debit or credit cards—either physical or virtual. This might not seem like much, but when combined with new business needs and consumer trends we start to see interesting use cases crop up.

“The more things change, the more they stay the same.“ In the recent Equinix breach in September 2020, 74 RDP servers were exposed to the Internet. Any publicly exposed ports are a risk but remote access protocols such as RDP have had their share of critical vulnerabilities (e.g., BlueKeep in 2019).

While working with customers over the years, I've noticed a pattern with questions they have around operationalizing machine learning: “How can I use Machine Learning (ML) for threat detection with my data?”, “What are the best practices around model re-training and updates?”, and “Am I going to need to hire a data scientist to support this workflow in my security operations center (SOC)?” Well, we are excited to announce that the SplunkWorks team launched a new add-

Open source is everywhere. Everyone is using it. Open source code is found in almost every proprietary software offering on the market and is estimated to make up on average 60%-80% of all software codebases in 2020. Why the proliferation? Open source libraries help developers write code faster to meet the increasingly shorter release cycles under DevOps pipelines. Instead of writing new code, developers leverage existing open source libraries to quickly gain needed functionality.