Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

The importance of cyber training for remote workers

Working remotely has its own personal challenges in terms of productivity: between the cat walking across your keyboard and the kids dropping in on your Zoom meetings, workers across the globe have had to adjust to doing their job in a different way. Organisations also had to swiftly transition to employees working remotely, and this has introduced a new set of risks from a cyber security perspective.

Fix now: High risk vulnerabilities at large, July 2020 part 2

In the world of CVEs, we have seen a few interesting ones released in the last couple of weeks since our last risk based vulnerability management blog, including the recent big news items affecting F5 BIGIP and Pan-OS. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.

5 Steps to Digitizing Your Workspace

Picture your workspace at the office from ten, five, or even two years ago—what has changed? Your computer likely occupies less space than it did in the past. Your office phone, which was once wired to the corner of your desk, now sits comfortably in your pocket. And you are probably working at home exclusively, or at least most of the time.

Ditch the Checklist: Why Automation is the Key to Content Compliance

Compliance frameworks provide guidelines for effective and secure operations for content management across a company’s various repositories. They’re written as a set of controls, each one which corresponds to different settings and policies that an organization must follow in order to ensure the safety of their data.

CI/CD Detection Engineering: Splunk's Security Content, Part 1

It's been a while since I've had the opportunity to take a break, come up for air, and write a blog for some of the amazing work the Splunk Threat Research team has done. We have kept busy by shipping new detections under security-content (via Splunk ES Content Update and our API). Also, we have improved the Attack Range project to allow us to test detections described as test unit files.

Nation-State Espionage Targeting COVID-19 Vaccine Development Firms - The Actions Security Teams Need To Take Now!

Throughout the duration of COVID-19, there have been consistent rumors of increased nation-state espionage. In parallel, many recent ransomware strains have a COVID-19 tie-in. Now the United Kingdom's National Cyber Security Centre (NCSC), published an advisory report that the threat group APT29 is targeting governmental, diplomatic, think-tank, healthcare and energy targets for intelligence gain which are involved in COVID-19 vaccines development and testing.

The LLMNR/NBT-NS strike

Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are two protocols that are used to identify a host address on a network when the DNS name resolution, which is the conventional method, fails to do so. When a DNS server is unable to resolve a request from a requester machine, the latter broadcasts a message to its peer computers asking for the location of the required server. Hackers leverage this operation to steal the credentials of the requester machine.