Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Stay Focused on Relevant Threat Intel Through Scoring and Expiration

John Lennon popularized the phrase, “Life is what happens when you’re making other plans.” And that’s an apt characterization for how we think about threat intelligence. We tend to focus on it to block or alert-on an attack. Meanwhile life is what’s happening to our threat intel while we’re making these plans. When we don’t pay attention to the threat intelligence lifecycle, we can run into trouble.

McAfee Discovers New Phishing Campaign Targeting GitHub Users

A phishing campaign is targeting GitHub users with phony CAPTCHA pages, according to researchers at McAfee. The phishing emails ask users to address a security vulnerability in a GitHub repository that they recently contributed to, and contain a link to find more information about the alleged vulnerability. This link leads to a fake CAPTCHA page that attempts to trick them into installing malware.

Better Together: The Benefits of Combining MXDR and TPRM

Security operations teams face escalating demands to promptly detect and respond to third-party cyber threats, largely due to the increasing number of data breaches occurring within an organization’s supply chain. An effective program to manage this type of cyber risk is essential for safeguarding sensitive data and maintaining business continuity.

CVE-2024-8190 - OS Command Injection in Ivanti CSA

A high severity OS command injection vulnerability, CVE-2024-8190, has been found in Ivanti Cloud Services Appliance (CSA) versions 4.6 Patch 518 and earlier. This flaw allows attackers with admin access to remotely execute malicious commands, potentially taking full control of the system. Ivanti has already released updates, but this command injection vulnerability is actively exploited in the wild, making immediate action critical.

The Truth About Why Server-Side Bot Management Beats Client-Side

As a security professional considering a robust bot defense strategy, it’s important to understand the ever-evolving nature of bot threats and the critical need for a scalable, robust solution. Traditionally, businesses rely on agent-based bot management solutions, also known as client-side or front-end detection, by deploying small pieces of software (agents) on customer devices to detect malicious activity. However, these approaches carry significant risks.

Integrating Security as Code: A Necessity for DevSecOps

Security practices in DevOps have evolved from being a minor concern to one of the main focus points, which resulted in the DevSecOps movement. It’s about “shifting security to the left” in the software development lifecycle – so the security measures are a fundamental component. Traditionally, security management was moved to the final stages of developing software, and it has proven its ineffectiveness in dealing with the challenges of modern software projects.

Critical Vulnerabilities Discovered in Automated Tank Gauge Systems

Industrial Control Systems (ICS) have become a ubiquitous part of modern critical infrastructure. Automatic Tank Gauge (ATG) systems play a role in this infrastructure by monitoring and managing fuel storage tanks, such as those found in everyday gas stations. These systems ensure that fuel levels are accurately tracked, leaks are detected early, and inventory is managed efficiently.

Falcon Exposure Management - Predictors of Attack

Falcon Exposure Management empowers enterprises with real-time insights to confidently manage risk by creating a near digital twin of your IT and security landscape. Predictors of Attack leverages OverWatch and Intelligence Patterns to analyze potential intrusion vectors, transforming complex data into clear investigation and remediation priorities. Guided Remediation then pre-calculates the most effective solutions, turning priorities into actionable plans—all to stop breaches before they start.

Falcon Next-Gen SIEM - Detection Posture Management & Workflow Automation Enhancements

Crowdstrike's new detection posture management dashboard lets you visualize your detection posture like never before. Once you understand your current posture, the Falcon Platform empowers you to streamline prescriptive countermeasures in your workflows with the latest releases in Falcon Fusion. Our content library contains an ever growing collection of applications, actions, triggers, and playbooks that help you break down silos between teams and technologies. These innovations make it even more efficient for you and your team to respond faster than the adversaries, and ultimately stop the breach.