Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Inside Storm-0940: Uncovering Tactics of a Prolific Chinese Cyber Espionage Group

Storm-0940 is a Chinese advanced persistent threat (APT) group that has operated since at least 2021, although some evidence suggests involvement in earlier incidents. Known for its complex cyber espionage tactics, this group primarily targets government agencies, military organizations, and critical infrastructure to gain intelligence for political and military advantage. It leverages an arsenal of techniques ranging from spear-phishing to exploiting software vulnerabilities.

Graylog Year of CTFs: A Look Back at Our Biggest Highlights

2024 was a thrilling year for Graylog Capture The Flag (CTF) events! Across major cybersecurity conferences, Graylog invited participants to test their skills in a range of challenging scenarios designed to simulate real-world cyber threats. From North America to Europe and beyond, we saw cybersecurity professionals and enthusiasts go head-to-head in Graylog CTFs, flexing their skills, deepening their knowledge, and having fun along the way.

Data Leakage Protection Solutions on the Rise Amid Increasing Cyber Threats

Protecting private data is a constant task for businesses in today's cyber world, where data breaches and cyberattacks are steadily on the rise. One of the biggest threats to data privacy and security is data leakage, which happens when private information leaves an organization's secure environment, either by accident or on purpose. Companies all over the world are realizing they need Data Leakage Protection (DLP) solutions right away because of the growing number of high-profile data breaches.

How Sysdig streamlines cloud security posture management: Proactive risk management and tailored insights and controls

Attack surfaces in the cloud are expanding at a breakneck pace. Cloud security has reached an unprecedented level of complexity — ranging from misconfigurations and vulnerabilities to advanced threats and compliance challenges, all while malicious actors are increasingly using generative AI to target your cloud infrastructure.

Databunker, Skyflow, and Piiano: A Comprehensive Privacy Vault Comparison

Managing sensitive data while meeting compliance and security standards is an ever-growing challenge for organizations. Today, secure data management is a top priority, especially in industries like healthcare, finance, and fintech. This focus is expected to intensify in the coming years. To address these needs, privacy vault solutions like Databunker, Skyflow, and Piiano have emerged. Each offers unique capabilities tailored to specific use cases.

Add Alias in Active Directory

Microsoft Active Directory is a directory service for Windows domain networks. Active Directory serves as a centralized database which stores information about network resources, including users, computers, and services. It plays a significant role in network management and security, providing a framework for user authentication, authorization, resource management, and policy enforcement. This allows organizations to manage permissions and access rights across the entire network efficiently.

Dark Side of Deals: Emerging Scams for Black Friday, Cyber Monday and Giving Tuesday

As the holiday shopping season kicks into high gear, cybercriminals are gearing up too. This year, alongside the usual suspects, we're seeing some crafty new scams, so let's take a look at some of the ones you should be most careful of during Black Friday, Cyber Monday and Giving Tuesday. AI-Generated Fake Reviews: AI has allowed scammers to flood product pages with well-written and convincing fake reviews of products.

Threat Actors are Sending Malicious QR Codes Via Snail Mail

The Swiss National Cyber Security Centre (NCSC) has warned of a QR code phishing (quishing) campaign that’s targeting people in Switzerland via physical letters sent through the mail, Malwarebytes reports. The letters purport to come from the Swiss Federal Office of Meteorology and Climatology (MeteoSwiss), asking recipients to scan a QR code to install a new app for severe weather warnings.