Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks are now more sophisticated than ever. Attackers no longer even need extensive resources and infrastructure to cause major damage. A single bad Wi-Fi connection is all it takes to overthrow all the security measures your organization has in place. In this blog, we’ll look at how you can track and monitor your Wi-Fi connections to stay off an attacker’s radar.

We began working on Teleport with a vision to make trusted computing a reality for everyone, even for people without large budgets. That’s why we open sourced Teleport in 2015. Achieving this lofty goal takes a lot of work, which in turn requires capital. That is why we founded Teleport as a company and started to offer premium features required by enterprises. Thus, we must strike a delicate balance between benefiting the community and succeeding as a business.

The attack last week on the Municipal Water Authority in Aliquippa, Penn., that gave threat actors access to a portion of the facility’s pumping equipment has spurred the Cybersecurity & Infrastructure Security Agency (CISA)and WaterISAC to each issue incident reports and raised multiple questions regarding the site’s security and potential danger to similar plants.

Malicious browser extensions are a common attack vector used by threat actors to steal sensitive information, such as authentication cookies or login credentials, or to manipulate financial transactions.

When hunting, advanced security Splunkers use apps. Specifically, three related apps from an incredibly generous man named Cedric Le Roux! (You can guess from the name that yes, he's French.) And frankly, you probably only know one: URL Toolbox. One of the most popular Splunk security apps of all time, URL Toolbox’s URL parsing capabilities have been leveraged by thousands who want to separate subdomain, domain, and top level domain (TLD) from a URL.

As defenders, we need to keep pace with all kinds of different aspects of the attack surface. For Windows, the attack surface seems to just continue beyond our grasp every way we look, especially when we start to dig into trust and the registry. As previously outlined in the Splunk Threat Research Team’s blog, "From Registry With Love: Malware Registry Abuses," the vast methods used by adversaries to persist and abuse the Windows registry goes deep.

Passkeys have been publicly available for roughly a year. Engineered for security and phishing protection, this new form of passwordless authentication is still in the headlines — now under scrutiny.

Discover the inner workings of the recently implemented Cyber Resilience Act (CRA) in the EU and explore why this framework has raised concerns about jeopardizing the open-source ecosystem. Join us in our latest blog post to delve into this important topic.

When you hear the phrase “security policy,” a number of things may come to mind — cyberattacks, malware, data breaches and the like. While these are some reasons an organization might create security policies, a security policy for an organization covers protection of not only its digital assets, but its physical assets as well.

Data classification is essential for achieving, maintaining and proving compliance with a wide range of regulations and standards. For example, PCI DSS, HIPAA, SOX and GDPR all have different purposes and requirements, but data classification is necessary for compliance with all of them — after all, you need to accurately identify and tag health records, cardholder information, financial documents and other regulated data in order to protect that data appropriately.