
Blog

Using Splunk to Detect Sunburst Backdoor

TL;DR: This blog contains some immediate guidance on using Splunk Core and Splunk Enterprise Security to protect your network from, and detect activity by, the Sunburst Backdoor malware delivered via SolarWinds Orion software. Splunk’s threat research team will release more guidance in the coming week. Also note that observing some malicious network activity does not necessarily mean your network is compromised. As always, review carefully.

Cloud Security: Messy Blobs and Leaky Buckets

Moving to the cloud means a lot more than just moving your servers and applications to the cloud; it’s also about the data – and data always has a target on it. A lot of IT departments are finding that it’s easier to meet the “five nines” (99.999%) of uptime and availability by going outside their organization and letting AWS, Microsoft, or Google handle the infrastructure and personnel needed to meet those requirements.

8 Key Insights from the 2020 (ISC)2 Cybersecurity Workforce Study

2020 has been a very interesting year for the global workforce, with the vast majority of organizations having to rapidly transition to a remote workforce with little to no prior notice thanks to the COVID-19 pandemic. The 2020 (ISC)2 Cybersecurity Workforce Study looks at the effect of this transition to remote work and how organizations have fared. It also analyzes the impact of the pandemic and the resultant transition to remote work on cybersecurity professionals.

How a mobile device management solution can help with securing devices in the digital workspace

The past decade has witnessed many organizations adapting to a digital workspace, replacing traditional physical office setups with virtual workplaces encompassing all the technologies that employees require to get their work done. Because of the pandemic, even companies that were once against the concept of a distributed workforce have now been forced to embrace remote work. Though a digital workspace offers a more flexible user experience for employees, it comes with its own set of challenges.

Accelerate security investigations with Datadog Threat Intelligence

Attackers (i.e., threat actors) often reuse techniques or resources, such as IP addresses, hashes, and domains, in multiple attempts to find and exploit vulnerabilities in your systems. Defenders can categorize this data as indicators of compromise (IOCs) and create collections of IOCs in order to look out for potential attacks. These IOC collections are known as threat intelligence.

Featured Post

Create your Business Data Retention Policy

With the growing amount of data collected by various industries and organizations, it makes sense for business owners to want to create and enforce a robust data retention policy. A data retention policy allows organizations to manage the way they handle personal information. This includes tracking how long a set of data must be kept and how to delete the data when it's no longer needed.

Automatic correlation of FireEye red team tool countermeasure detections

Sumo Logic has reviewed the breach announced by FireEye on December 8, 2020 and their subsequent public release of over 300 countermeasure rules. We are continuing to analyze the available information and would like to share this update with all existing and prospective customers interested in how our Sumo Logic services can assist with this development.

A New Vision for Secure Web Gateways

In the recently released 2020 Gartner Magic Quadrant for Secure Web Gateways (SWG) report, Netskope was recognized as a visionary, entering a decades-old legacy security solution area first defined by proxy cache appliances. Times have changed since human rating labs, regional web filtering lists, the use of ICAP for threat and data protection of files, web object caching, bandwidth management, and scripting policies to filter out undesired web objects.

How Password Hashing Algorithms Work and Why You Never Ever Write Your Own

Are you fascinated with cryptography? You're not alone: a lot of engineers are. Occasionally, some of them decide to go as far as to write their own custom cryptographic hash functions and use them in real-world applications. While understandably enticing, doing so breaks the number 1 rule of the security community: don't write your own crypto. How do hashing algorithms work and what's special about password hashing? What does it take for an algorithm to get ready for widespread production use?