International Data Privacy Laws: A Guide

The push for data privacy has exploded in recent years, with regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) leading the charge. This means consumers around the globe are gaining rights regarding how their data is collected, stored, processed and sold, as well as more ways to hold companies accountable when poor data security practices lead to data breaches involving personally identifiable information (PII).

Unlocking Supply Chain Transparency for Low-Code/No-Code Apps with SBOM

The world of software development has witnessed a significant transformation thanks to low-code/no-code development platforms like Microsoft Power Platform, Salesforce, and ServiceNow. These platforms have empowered developers and business users of all technical backgrounds to create applications, automations, bots, connections (and more), rapidly and with greater accessibility.

Unmasking antiforensics techniques: Strategies for effective defense

In the world of digital forensics, where experts meticulously analyze digital evidence to uncover the truth, a counterforce known as "antiforensics" seeks to conceal, manipulate, or destroy this evidence. Antiforensics techniques aim to evade detection and analysis, posing a significant challenge for forensic investigators. In this comprehensive blog, we will explore the realm of antiforensics, understand its techniques, and discuss strategies to effectively defend against them.

AWS's Hidden Threat: AMBERSQUID Cloud-Native Cryptojacking Operation

The Sysdig Threat Research Team (TRT) has uncovered a novel cloud-native cryptojacking operation which they’ve named AMBERSQUID. This operation leverages AWS services not commonly used by attackers, such as AWS Amplify, AWS Fargate, and Amazon SageMaker. The uncommon nature of these services means that they are often overlooked from a security perspective, and the AMBERSQUID operation can cost victims more than $10,000/day.

Why is Security Awareness Training Needed?

Security Awareness Training is essential for several reasons: 1. **Human Error**: Many security breaches occur due to human error. Employees may inadvertently click on malicious links, download malware, or share sensitive information with unauthorized individuals. Security awareness training helps employees recognize potential threats and avoid common mistakes. 2.

Using metadata & tstats for Threat Hunting

So you want to hunt, eh? Well my young padawan…hold on. As a Splunk Jedi once told me, you have to first go slow to go fast. What do I mean by that? Well, if you rush into threat hunting and start slinging SPL indiscriminately, you risk creating gaps in your investigation. What gaps might those be? As a wise man once said, Know thy network. Actually — in this case — know your network and hosts.

Using stats, eventstats & streamstats for Threat Hunting...Stat!

If you have spent any time searching in Splunk, you have likely done at least one search using the stats command. I won’t belabor the point: stats is a crucial capability in the context of threat hunting — it would be a crime to not talk about it in this series. When focusing on data sets of interest, it's very easy to use the stats command to perform calculations on any of the returned field values to derive additional information.

7 Best Practices for Dark Web Scanning

It would be great if Dark Web scans were as simple as Google searches – if you could simply plug your business’s name into a search engine, run a query and view a list of results about threats that impact your company. Unfortunately for businesses seeking to stay a step ahead of threat actors, quite the opposite is true. It’s not just that there is no Google or search index that teams can turn to when searching for threats.

Vulnerabilities Within Law Enforcement Exposed

On September 15th, 2023, it was announced that a company in Stockport, UK, responsible for producing ID cards for various organizations, including Greater Manchester Police, fell victim to a ransomware attack. The attack had significant implications: thousands of police officers’ personal details, including their names, were at risk of exposure in the public domain.