Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Enriching NDR logs with context

In this post, we show how enriching Zeek® logs with cloud and container context makes it much faster to tie interesting activity to the container or cloud asset involved. In cloud or container environments, layer 3 networking is abstracted away from the higher-level tasks of running workloads or presenting data. Because of this abstraction, when Zeek logs are collected for cloud or container network environments, attributing a network flow to the actual workload or application is difficult.

ModPipe POS Malware: New Hooking Targets Extract Card Data

Kroll’s incident responders have seen threat actor groups becoming increasingly sophisticated and elusive in the tactics, techniques and procedures they employ to steal payment card data. One common method is to “scrape” the Track 1 or Track 2 data stored on the card’s magnetic stripe, which provides the cardholder account and personal information criminals need to make fraudulent “card-not-present” (CNP) transactions.

Organize and Access Construction Photos Faster with Smart Upload

Your project teams take hundreds, if not thousands, of photos every year. And while it’s easy to take the actual photos, it can be a huge pain to download and organize all those images. Think about how most companies operate today. A team member takes a bunch of pictures, goes back to the office or the trailer, downloads the pictures from the camera or mobile device, uploads them to the system, and then organizes and posts them.

CISO's Corner: Cyber Defense Lessons for OT and Supply Chain Infrastructure

2022 has been busy in the cyber world. While there were signals in 2021, with the increase in activity from threat actors targeting OT environments with ransomware, the conflict in Ukraine prompted many businesses to press harder in asking more questions about their own resilience with operational technologies (OT) and supply chain infrastructure.

Three reasons why Security Operations Centers (SOCs) are adopted

Company IT and security teams are facing cybersecurity challenges that increasingly test their defensive capabilities. Organizations have to protect themselves from a growing number of incidents (one attack every 39 seconds, according to the University of Maryland) and sophisticated threats, many of which have serious consequences.

Take a Look Into the Rubrik Platform

Rubrik offers Zero Trust Data Security solutions to our customers globally so they can prepare for cyber threats like ransomware. As cybersecurity attacks continue to grow in volume and sophistication, solutions like Rubrik are vital for business continuity so that you can know when you are attacked, what data was impacted, quarantine the attack, and recover a clean copy of your data from an immutable backup.

SciSec Team Applies Creativity, Curiosity and Innovation to Help Security Teams Work Smarter and Protect Organizations from Threats

Today Devo announced Devo SciSec, which brings together a talented team of threat research, advanced data science, and machine learning experts under the leadership of CTO Gunter Ollmann to help our customers preemptively detect and mitigate entire classes of threats. See and hear what Gunter has to say about SciSec in this video. Even before their formal introduction, the SciSec team has been busy delivering value-added capabilities to Devo customers.