Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How Falcon OverWatch Hunts for Out-of-Band Application Security Testing

CrowdStrike Falcon OverWatch™ threat hunters frequently uncover security testing activity in the course of routine hunting. While much of this activity can be confidently attributed to planned and sanctioned testing, OverWatch is always careful not to discount a threat on the basis that it looks like a test. Some of the more stealthy adversaries will attempt to evade detection by mimicking or using tools and techniques commonly used by security testers.

Sponsored Post

Linux security: How the third-most-used OS in the world has become the number one target of cyberattacks

If we were to ask a bunch of people to choose a computer, they would most likely go with a Windows or Mac machine. The possibility of them choosing a Linux machine is slim. This is directly reflected in recent desktop adoption trends as well. Linux accounts for only 2.14% of all desktop operating systems (OSs) while its counterparts, Windows and Mac, occupy about 75.23% and 15.86% respectively.

AT&T Cybersecurity Insights Report: Focus Energy and Utilities

As energy and utilities companies strive to use the edge to innovate new solutions for delivering more efficient and resilient services, cybersecurity risks to carrying out those business missions loom large. Ransomware attackers and other cybercriminals have increasingly found energy and utilities organizations a profitable target, lobbing high-profile attacks in the last few years that have threatened safety and uptime in the process.

CVE-2022-3602 and CVE-2022-3786 - High-severity OpenSSL Vulnerabilities Finally Published

On October 25th, the OpenSSL team announced that OpenSSL 3.0.7 will contain a fix for a critical-severity vulnerability that affects OpenSSL 3.x. The full details about the vulnerability were held in an embargo until November 1st. Due to the rarity of an OpenSSL critical-severity issue and the overwhelming popularity of OpenSSL, social media was flooded with messages about this issue, expecting a “Log4Shell”-level event.

BYOD and Phishing Attacks: Top Threats Facing U.S. Government Organizations

Telework has become a mainstay, and with it, so has employee reliance on personal mobile devices. These devices are difficult to monitor and keep up to date, presenting a unique security challenge for U.S. local, state, and federal government organizations.

Digital ID in NZ, Austria, & Japan - Why Online Identification Matters

Controlling information leakage is one of the top digital ID advantages for people’s privacy. It is also known as “selective disclosure,” and it is something that all digital ID adopters regard as critical for user privacy. However, a closer examination reveals that such a system might result in a digital trail of where and when a license is displayed, possibly allowing governments or corporations to follow people or their transactions.

Complete Guide on Comodo Code Signing Certificate

Comodo is a cybersecurity solutions provider helping businesses and individuals stay protected from all sorts of cyber threats. It provides verdict processing, digital certificates, and endpoint protection, helps organizations implement and monitor their network security policies, and much more. Among its digital certificates, Comodo also provides code signing certificates to developers and development companies.

4 Steps for Defining Data Classification Levels and Policies

Data classification is an important business process. It makes it easier to apply data protection, helps employees understand what data is sensitive, and, importantly, which data can be made public. Unfortunately, many organizations provide employees with access to far more data than is needed. The oversharing of information with employees is a huge security risk.

Does cloud log management shield you from threats? CloudTrail vs CloudWatch

What is different about cloud log management versus on-premises? The answer may seem simple, but several elements such as CloudTrail vs. CloudWatch come into play. In this article, we will cover some of the most important differences, and then dig deeper into a specific example of AWS CloudTrail vs. CloudWatch.

6 Steps to Successful IR: Identification

In our last blog post, we discussed the importance of having a solid Incident Response plan in place. In this blog post, we will discuss the next step in that process: identification. Once you have determined that an incident has occurred, it is important to identify the scope of the issue as quickly as possible. This will help you determine the best course of action and ensure that your response is effective.