This is the first article in a series focusing on syscall evasion as a means to work around detection by security tools and what we can do to combat such efforts. We’ll be starting out the series discussing how this applies to Linux operating systems, but this is a technique that applies to Windows as well, and we’ll touch on some of this later on in the series. In this particular installment, we’ll be discussing syscall evasion with bash shell builtins.

In a typical ransomware attack, an adversary attempts to deploy ransomware directly on the machines they wish to encrypt. However, ransomware groups are increasingly adopting a newer tactic to ensure the success of their campaigns: remote encryption.

The cyberthreat landscape is ever-evolving and the level of sophistication from cybercriminals is always increasing. Networks are not impenetrable. Alarmingly, 79 minutes is now the average time from when an attacker compromises a network to when they start to move laterally, infiltrating the rest of the network.

The sheer volume of data breaches continues to escalate at a phenomenal rate. Cyberattacks on all businesses, but particularly small to medium-sized businesses, are becoming more frequent, targeted, and complex. According to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, but only 14% of those businesses are prepared to defend themselves.

Yes, passkeys can be shared when you store them in a password manager that supports them. Since passkeys are tied to the devices they’re created on, sharing them with someone who uses a different Operating System (OS) isn’t an option. However, with a dedicated password manager, users can share their passkeys with anyone, no matter what devices they use.

Many organizations downplay the critical aspect of whether their cybersecurity provider has the ability to properly vet a third-party vendor's cybersecurity posture. There are multiple reasons behind this and there are also considerations of where the cybersecurity vetting process can go off the rails during supply chain purchases.

Traditional security paradigms are increasingly falling short against sophisticated cyber threats in the dynamic and challenging cybersecurity landscape. This has led organizations to adopt the zero-trust security model, a paradigm shift that assumes no internal or external entity is to be trusted without verification.

As a data scientist and Splunk user, you know the importance of leveraging the right tools to gain valuable insights from your cybersecurity data. In this blog post, we'll dive deeper into how combining Splunk and Graphistry can help you unlock new capabilities for your cybersecurity investigations and gain better resilience for your organization.

According to a 2023 Forbes article, 12.7% of U.S. workers work remotely and 28.2% have adopted a hybrid work schedule. As device and usage trends continue to shift, organizations must find ways to secure remote endpoints that could grant adversaries access if left vulnerable.

This blog is part of a series about how to use Vanta and AWS to simplify your organization’s cloud security. To learn more about how to use Vanta and AWS, watch our Coffee and Compliance on-demand webinar. ‍ Amazon Web Services, or AWS, is one of the most popular cloud providers for organizations today — providing one of the most flexible and secure cloud environments available.