Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Of all the tactics that an adversary will take on in their campaign, none will be more widely abused than, Execution (https://attack.mitre.org/wiki/Execution). When taking into consideration off-the-shelf malware, traditional ransomware, or state of the art advanced persistent threat actors, all of them have execution in common. There’s a great quote from Alissa Torres which says, “Malware can hide, but it must run.”

With the number of insider-related breaches rising every year, employee monitoring is becoming a common practice. Modern employee monitoring solutions help businesses track their employees’ productivity and work attendance, minimize administrative work, and enhance cybersecurity. In this article, we discuss why you should monitor your office staff, list the benefits and shortcomings of doing so, and explore best practices for monitoring your employees efficiently yet respectfully.

The year 2020 has left many people feeling like we are living in the twilight zone as the coronavirus sweeps the globe, changing life as most know it. From embracing the reality of a fully remote workforce, to dealing with ruthless cyber attackers taking advantage of unsuspecting people looking for help, and like all things, technology is playing a pivotal role in the way the pandemic plays out.

AT&T Alien Labs® Open Threat Exchange® (OTX) recently created a pulse for a new threat entitled the RIG Exploit Kit which had been observed distributing ransomware to victim companies across a variety of industry verticals. This exploit was discovered by BroadAnalysis who outlined the exploit’s intricacies in a whitepaper that was released December 2, 2019.

Today, we are facing an unprecedented situation. The COVID-19 pandemic is affecting everything we know -- our families, our businesses, our communities, and our way of life. In these tough times, many organizations have resorted to mandatory remote working for employees so they can still be productive and safe. Saas productivity tools like Zoom, Slack, G-Suite and Office 365 became seemingly mandatory in this new distributed workplace.

Alcide recently introduced Alcide kAudit, an automatic tool for analyzing Kubernetes Audit logs. This tool focuses on detecting non-compliant and anomalous behavior of users, automated service accounts and suspicious administration operations. Alcide’s recent integration with Sumo Logic enables users to gain full access to insights and real-time alerts from Alcide kAudit.

With so many of us frantically learning to juggle our roles as parents, workers and most recently teachers; is it just my wife and I who feel it necessary to monitor the online activity of our teenagers during this lockdown? Sure, there’s rich educational content out there, but it sits amongst social networks, streaming services, gaming consoles and a world of other distractions. I almost miss the days when staring out of the window was a reasonable ‘get out’!

Many in the digital security community are coming together to combat malicious actors during the coronavirus disease 2019 (COVID-19) global outbreak. One of the most visible of these new efforts is the COVID-19 CTI League. Made up of approximately 400 volunteers living in approximately 40 countries, the COVID-19 CTI League is working to block attackers from health care organizations and other medical facilities at this juncture.

Given the situation that many companies, organizations and government agencies have been forced into working remotely due to COVID-19, it is imperative to give some thought about corporate security.