Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Secrets Management Best Practices: Secure Cloud-native Development Series

Build secure cloud-native applications by avoiding the top five security pitfalls we lay out in our Secure Cloud-native Development Series. This blog is the fifth and final part of the series, and it will teach you best practices for handling credentials and secrets management when securing cloud-native applications. Every organization has its own way of managing credentials. In the past, with legacy application architectures, this was a bit more manual and arduous.

Addition of Syslog in Splunk Edge Processor Supercharges Security Operations with Palo Alto Firewall Log Reduction

Now generally available, Splunk Edge Processor supports syslog-based ingestion protocols, making it well-equipped to wrangle complex and superfluous data. Users can deploy Edge Processor as an end-to-end solution for handling syslog feeds such as PAN logs, including the functionality to act as a syslog receiver, process and transform logs and route the data to supported destination(s).

Defending the Gates: Understanding and Detecting Ave Maria (Warzone) RAT

Ave Maria RAT (remote access trojan), also known as “Warzone RAT,” is malware that gains unauthorized access to or remote control over a victim’s or targeted computer system. This RAT operates stealthily and grants attackers access to various functionalities within the compromised system. Its malicious activity includes data theft, privilege escalation, remote desktop control, email credential collection, browser credential parsing and more.

Teleport 14

Once again it’s time for everyone’s favorite announcement: a brand new Teleport release! This release marks version 14 of Teleport and is packed with features, including a UI makeover. Let’s dive in! Teleport 14 brings the following new major features and improvements: Below are a few highlights: In addition, this release includes several changes that affect existing functionality listed in the “Breaking changes” section below.

CVE-2023-41991, 41992, 41993: Three Actively Exploited Vulnerabilities in Apple Products Fixed

On September 21, 2023, Apple released emergency security updates to fix three vulnerabilities impacting macOS, iOS, iPadOS, and Safari. Citizen Lab and Google Threat Analysis Group (TAG) observed these three vulnerabilities exploited in an exploit chain against a former Egyptian Member of Parliament to deploy Predator spyware. Predator was developed by Intellexa/Cytrox to perform surveillance on targeted mobile devices.

What Is an Account Takeover Attack?

An account takeover attack is a form of identity theft in which a cybercriminal takes over someone else’s online account. Cybercriminals steal a victim’s login credentials without them knowing through methods such as brute force attacks and phishing. Once the cybercriminal gains access to a victim’s account, they change the login credentials to prevent the victim from logging back in.

The Critical Cyber Threats That Are Targeting Casinos

Casinos bring in millions of players and billions of dollars a year, via both physical venues and online platforms. And the industry is estimated to grow by $11.42 billion between 2021 and 2025. Players trust casinos with their funds and high-value personal data, so it is no surprise that threat actors are targeting these venues to monetize their attacks.

The National Student Clearinghouse Breach Exposed Millions of Students

The National Student Clearinghouse is a research facility that gathers data on students from approximately 22,000 high schools and more than 3,600 different colleges. Between all these schools throughout the United States, approximately 97% of the total student population is enrolled in the National Student Clearinghouse. That means the information for most students is on file with the organization.

archTIS wins the 2023 Australian Defence Industry Award for Cyber Business of the Year two years in a row

Friends and Colleagues, We are proud to share that archTIS has won the 2023 Australian Defence Industry Award for Cyber Business of the Year for the second year running. We are humbled to once again be recognised by our peers and industry leaders for the valuable contributions and leadership role archTIS has taken in solving the critical Defence challenge of securing sensitive and classified information sharing.

It's Time to Do Better as an Industry with MITRE Evaluations

We couldn’t be prouder that CrowdStrike achieved the highest coverage across the last two consecutive MITRE Engenuity ATT&CK® Evaluations. We achieved 100% protection, 100% visibility and 100% analytic detection coverage in the Enterprise Round 5 evaluation — which equates to 100% prevention and stopping the breach. We also achieved the highest detection coverage in the Managed Security Services Providers testing.