Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

TL;DR: Accompanying today’s announcement from CISA (BOD 22-01) and their new Known Exploited Vulnerabilities Catalog, SURGe and Splunk Threat Research Team (STRT) have coordinated to add functionality into Enterprise Security Content Updates (ESCU). This added functionality will help network defenders understand vulnerability context alongside relevant ESCU detections.

While threat actors continue to vary attack methods, these 10 essential cyber security controls can significantly improve your security posture, therefore making it harder for cyber criminals to compromise your network and increasing your opportunities for cyber insurance coverage.

Looking back at the past year, there have been some downright spooky trends facing cyber security professionals. Ransomware attacks have skyrocketed, impacting organizations from healthcare to critical infrastructure to the suppliers of MSP suppliers and everyone in between. APT crews and criminal gangs have taken advantage of the pandemic that pushed everyone to remote work, making 2020/2021 the year that bad cybersecurity preparedness came home to roost.

Artificial intelligence (AI) is reinventing the trajectory of cybersecurity and fighting with a double-edged sword. If harnessed correctly, AI can automatically generate alerts for emerging threats, detect new types of malware, and protect sensitive data. While it has advanced us into a plethora of new technologies -- think Siri, facial recognition, and Google’s search engine -- it has also probed us with significant threats from cybercriminals.

With thousands of tools and technologies to choose from, navigating through cybersecurity categories and technologies to find a solution that meets your organization’s needs can be challenging. The annual Cybersecurity Breakthrough Awards program helps you solve that problem by aiming to perform the most comprehensive evaluation of cybersecurity companies and solutions on the market today and recognizing the leaders.

We recently spoke with Amy Berman, Security Strategic Operations Lead at MongoDB about the role of security champions at her organization. For those new to the concept, security champions are developers that have an interest in security and can facilitate collaboration between development and security teams.

Malware analysis is a fundamental factor in the improvement of the incident detection and resolution systems of any company. The Sysdig Security Research team is going to cover how this Shellbot malware works and how to detect it. Shellbot malware is still widespread. We recorded numerous incidents despite this being a relatively old and known attack that is also available on open Github repositories.

It seems that we might be getting to the tipping point in the corporate world where most organizations and businesses recognize they’re exposed to an increasing amount of cybersecurity risk. And with bad guys devoting a large portion of their strategy to targeting employees, the need for effectively training employees is intensifying. But before you begin to evaluate or build a program you need to first define and cement what it is you are looking to accomplish with your program.

Social media can be a great way to stay connected with friends and family, but it also poses risks. In this blog post, we will explore the dangers of social media for kids, teens, individuals and businesses as well as the benefits. We will talk about the social media risks and how to protect yourself from them. There are many ways that you can reduce your risk when using social media sites like Twitter or Facebook.