V2 Illuminate Install
In today's video Jeff Darrington takes you through the new Illuminate features as well as showing you how to upgrade to the newest version (V2).
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Logging
Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021
Nowadays, malware used to have several stages before it fully compromised the targeted host or machine. The very well-known initial stager is the “phishing email” that contains a malicious macro code or malicious URL link that will download either the actual loader or the next stager to download the actual payload.
Six Pillars of DevSecOps
DevOps and Security. One encourages speed, agility, iterative learning, enabling technology to keep up with the pace of business. The other wants to keep you safe, slows things down, crosses all the T's and dots all the I's. They seem to be at odds with one another — but do they need to be? DevSecOps says no, that’s not the way it has to be.
How to Detect Log4Shell Events Using Coralogix
The Log4J library is one of the most widely-used logging libraries for Java code. On the 24th of November 2021, Alibaba’s Cloud Security Team found a vulnerability in the Log4J, also known as log4shell, framework that provides attackers with a simple way to run arbitrary code on any machine that uses a vulnerable version of the Log4J. This vulnerability was publicly disclosed on the 9th of December 2021.
Searching Data - Time Control
For a more accurate analysis of the events, now Devo offers the possibility to work with both creation and ingestion dates. Table of Contents.
Devo's 2022 Cybersecurity Predictions: Part Two
In part one of our 2022 cybersecurity predictions series, Devo CSO Gunter Ollmann explained the rise of XDR, the detection-as-code and response-as-code movement, and the growing interest in security tools with built-in, on-demand expertise. In this second installment of our series, I share my take on how the cybersecurity landscape will evolve. Let’s dive into it.
What Is Data Logging?
Humio is a CrowdStrike Company. Data logging is the process of capturing, storing and displaying one or more datasets to analyze activity, identify trends and help predict future events. Data logging can be completed manually, though most processes are automated through intelligent applications like artificial intelligence (AI), machine learning (ML) or robotic process automation (RPA).
Simulating, Detecting, and Responding to Log4Shell with Splunk
For more information on how to respond to the Log4j vulnerabilities using Splunk products, please see our Log4Shell response overview page. Like most cybersecurity teams, the Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect the Log4j attack vector. This post shares detection opportunities STRT found in different stages of successful Log4Shell exploitation.
The Power of Splunk: Security
Shape-shifting threats. Nefarious plots. A deluge of alerts. Nope, it’s not a new sci-fi movie. These are the things security teams are up against today. But Splunk is here to help. Watch the video to see how Splunk helps companies defeat threats and outsmart risks.
Flow Use Case: Limit Intruder Dwell Time
In this use case, a hypothetical attacker used an exploit against our machine in the local network, which triggered an alert from an external security service. Our external service does not provide additional details about the threat. We will use this Flow to combine the external service data and the data extracted by Devo to check if there's any data flow from the victim to the attacker.