Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Splunk Threat Research Team has addressed a new malicious payload named AcidRain. This payload, deployed in the ongoing conflict zone of Eastern Europe, is designed to wipe modem or router devices (CPEs).

Software-as-a-service or SaaS has taken the business world by storm. With enormous benefits and features, it is no surprise that the SaaS industry has increased by 500% over the past seven years only. However, like any other technology, it carries a significant risk of data breaches. Do you know that encryption worries are the biggest SaaS-related security concerns for businesses?

But if your organisation hasn’t commissioned a pen test before, you might be wondering what’s actually involved. Read on to learn about the key penetration testing steps we follow.

Infrastructure as code (IaC) has become the de-facto method for dealing with infrastructure at scale. This codification of infrastructure configurations lets software development teams create version-controlled, reusable configurations. Moreover, it enables integrating infrastructure management as a part of the delivery pipeline.

Ekran System is glad to announce new capabilities for integrating with Microsoft Power BI that will help you simplify data processing and visualization. Since the majority of our customers use Microsoft Power BI to visualize data, optimizing the Ekran System API for working with this tool was a top priority for us. Now, you can easily and quickly export your monitoring data from Ekran System directly to a report template of your choice in Power BI.

Cyber breaches are everywhere, people are working from anywhere, and data creation is exploding. As a result, businesses want solutions that make data collaboration and governance easier and more secure, and MSPs are at the forefront of this market opportunity. Those opportunities were on full display last week as more than 250 managed service providers, technologists, and Egnyte leaders met virtually—and in-person in London—for Egnyte’s annual MSP Summit.

American novelist F. Scott Fitzgerald famously wrote that “the test of a first-rate intelligence is the ability to hold two opposing ideas in mind at the same time, and still retain the ability to function.” All experienced security practitioners learn to master this mental trick. On the one hand, they believe efforts to prevent and detect breaches will be effective. On the other hand, they diligently prepare for the day when their efforts will fail.

In Q1 2022, Kroll observed a 54% increase in phishing attacks being used for initial access in comparison with Q4 2021. Email compromise and ransomware were the two most common threat incident types, highlighting the integral part played by end users in the intrusion lifecycle.

JavaScript supply chain attacks are a bit like rolling thunder. The boom starts in one location and then reverberates along a path, startling folks, shaking windows, and—if there is a significant enough storm to accompany the thunder—leaving varying degrees of devastation in its wake.

Third-party data breaches are one of the most concerning issues in cybersecurity today. You need your third parties to do business, but you can’t always trust (or verify) that their cybersecurity controls are as strong as they say, no matter how many questionnaires you send out. And of course, cybercriminals know that by hitting vendors rather than every single company separately, they can get the most ill-gotten gains for their effort.