Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One year ago today, Russia launched a massive combined arms ground, air, and sea assault against Ukraine, including a large cyber component designed to sow confusion among Ukrainian authorities. At the first anniversary, the initial takeaway is the role played by cyber has not been as prominent as predicted for what has turned into the largest European land war since 1945. Russia and Ukraine are still actively using their cyber troops to conduct a variety of attacks against their foe.

A critical part of an organization’s overall cybersecurity strategy, Attack Surface Management (ASM) helps organizations to: This article describes ASM is, including why it is needed and how it works. At the end, I’ll discuss how software solutions can automate attack surface management. (This article was written by Shanika Wickramasinghe. See more of Shanika's contributions to Splunk Learn.)

Kroll helps development teams build agile penetration testing programs that prioritize security posture throughout the project life cycle while maintaining a rapid release cadence. When it comes to modern application delivery, speed and agility are the name of the game. Customer demands are driving rapid release cycles, pushing development teams to create new products and to update existing ones at a much more aggressive pace.

This and other notable threats from the previous quarter, as well as a look ahead to potential issues in 2023, are discussed in our Q4 Threat Landscape 2022 report.

Read also: GoDaddy reveals multi-year security breach, hackers targeted Asia-based data centers used by major global firms, and more.

As organizations implement additional security controls and detections, threat actors adjust to bypass them. Since our initial investigation into a Lorenz ransomware intrusion that exploited a Mitel MiVoice VoIP appliance, we have observed a shift in the group’s Tactics, Techniques, and Procedures (TTPs).

The purpose of this guide is to provide you with a thorough understanding of GLBA as well as tips for ensuring compliance with your organization.

As we move towards more automation, we should remember the risk of over-automating, or at least make a conscious decision to accept the risks. This is especially important in automating response actions, which left unchecked could wreak havoc with day-to-day business operations.

Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber attacks.

CrowdStrike recently analyzed a macOS-targeted mineware campaign that utilized malicious application bundles to deliver open source XMRig cryptomining software and Invisible Internet Protocol (I2P) network tooling.