After a two-year hiatus, we couldn’t have been happier to spend the week in the Bay area with our customers, partners, and peers at the RSA Conference. The opportunity to showcase our latest solutions and technologies while connecting with some of the smartest people in the industry is something we’ve missed dearly, and meeting with our customers in person has made the 2022 conference sweeter than ever before.

Summer is here and phishing season is in full swing. May saw a troubling range of phishing attacks carried out against a wide array of targets, from retirement planners to school systems to national defense. Bundle all of those efforts together with a disturbing ransomware attack on the air travel industry and you have all the evidence you need of the dangers of inadequate cybersecurity at every level.

Right now, much of the security world is focused on the RSA conference in San Francisco, California. The Torq team has been preparing for the event for months—and we’re thrilled that we finally get a chance to talk about Torq in person with other security professionals.

In our sixth episode of the Future of Security Operations podcast, Thomas speaks with Niall Heffernan, Head of Security at Cygnvs, a former Senior Manager of Information Security at Informatica, and a Lecturer for BSc, HDIP, PGDip, and MSc students studying in the Cybersecurity courses at the National College of Ireland.

On Tuesday, May 31, 2022, Volexity responsibly disclosed a remote code execution (RCE) vulnerability to Atlassian affecting all supported versions of Confluence Server & Data Center. The Object-Graph Navigation Language (OGNL) injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.

Company IT and security teams are facing cybersecurity challenges that increasingly test their defensive capabilities. Organizations have to protect themselves from a growing number of incidents (one attack every 39 seconds, according to the University of Maryland) and sophisticated threats, many of which have serious consequences.

When you hear the words “brute force," subtlety is probably not the first thing that comes to mind. Indeed, classic brute-force cyber attacks use the most straightforward tactics—trial and error—to gain entry into a protected system. When brute force works, the attack's type, depth, and severity depend on the attacker's goals.

Fueled by the need to detect new, emerging threats while supplying meaningful feedback upstream to anticipate and prevent future ones, the modern SOC is the engine that protects organizations worldwide. The heart of that engine is common to all SOCs since they debuted more than a decade ago: people.

On Friday, May 27, 2022, Security vendor nao_sec identified a malicious document leveraging a zero-day remote code execution RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The actively exploited vulnerability exists when MSDT is called using the URL protocol from a calling application, such as Microsoft Word.