%term

Detecting CVE-2022-30216: Windows Server Service Tampering

Aug 9, 2022 By Corelight Labs Team In Corelight

In July 2022, Microsoft disclosed a vulnerability in the Windows Server Service that allows an authenticated user to remotely access a local API call on a domain controller, which triggers an NTLM request. This results in a leak of credentials that allows an attacker to authenticate to Active Directory Certification Services (ADCS) and to generate a client certificate that enables remote code execution on a domain controller.

Read Post

Corelight

Read more about Detecting CVE-2022-30216: Windows Server Service Tampering

Improving CrowdStrike Falcon Detection Content with the Gap Analysis Team

Aug 8, 2022 By Sean Pagano In CrowdStrike

CrowdStrike is always looking for innovative ways to improve detection content for our customers. We believe a multifaceted approach that combines customer input, standardized testing and internal research is necessary to stop breaches today and in the future. At CrowdStrike, we never rest, because neither does the adversary.

Read Post

CrowdStrike

Read more about Improving CrowdStrike Falcon Detection Content with the Gap Analysis Team

Raspberry Pi Sensors for Home Networks

Aug 5, 2022 By Corelight In Corelight

Is your IoT dryer transferring 1GB+ of traffic daily? Does your Tesla phone home to the mothership? Is your employer monitoring you at home? Learn a quick, easy, free method for using a Raspberry Pi to gain visibility into your home network. We'll teach you to find out what your smart (and not-so-smart) devices are doing using ZeekⓇ logs and Suricata alerts–two flagship open-source technologies–skills transferable to your day job and enterprise environments.

View Video

Corelight

Read more about Raspberry Pi Sensors for Home Networks

How to Make Progress on the Zero Trust Road Map

Aug 5, 2022 By Corelight In Corelight

It's been a year since President Biden's executive order that called out zero trust as a primary focus. Corelight's Richard "Chit" Chitamitre discusses the prevalent misunderstandings about zero trust, as well as use cases for how to embrace the framework and make measurable progress along the way. In this video interview, in partnership with Information Security Media Group, you will learn.

View Video

Corelight

Read more about How to Make Progress on the Zero Trust Road Map

Trustwave Named Innovation Leader in Frost & Sullivan's Frost Radar Global Managed Detection and Response Market

Aug 4, 2022 By Trustwave In Trustwave

Frost & Sullivan analysts investigated 70 market participants and recognized Trustwave as one of 15 Innovators in the field. The report noted that Trustwave’s Fusion platform allows clients to manage and view their cybersecurity status, and elite SpiderLabs are driving factors behind being honored. “Trustwave Fusion, a security operations platform that integrates and enriches data from over 750 third-party sources, including cloud, network, endpoints, and email.

Read Post

Trustwave

Read more about Trustwave Named Innovation Leader in Frost & Sullivan's Frost Radar Global Managed Detection and Response Market

Endace and Vectra Partner to Equip IT Teams with Deep Forensic Insight to Combat Even the Toughest Cyberattacks

Aug 3, 2022 By Endace

Integration Provides Superior Threat Detection and Response to Clouds, Datacenters, IoT Devices, and Enterprise Networks.

Read Post

Read more about Endace and Vectra Partner to Equip IT Teams with Deep Forensic Insight to Combat Even the Toughest Cyberattacks

Integrating Open NDR To Automate Alert Response Via Better Network Evidence

Aug 1, 2022 By Corelight In Corelight

Are you interested in context for your cloud or container environment when you investigate an event from last week, last month, or last year? Would it save you time to have IDS alerts that include the full context of the connection? Watch this SANSFIRE 2022 webcast and to see James Schweitzer demonstrate easy to understand, interlinked network evidence, available wherever you need it and which also enables orchestration.

View Video

Corelight

Read more about Integrating Open NDR To Automate Alert Response Via Better Network Evidence

SANS 2022 Threat Hunting Survey - Hunting for a Standard Methodology for Threat Hunting Teams

Jul 27, 2022 By Corelight In Corelight

We’ll also look at the past two years to see if global economic impacts have caused any industry changes that give us cause to rethink our approach to threat hunting.. Key topics will include operationalizing threat hunting, innovative threat hunting tactics and techniques, and new tools that can help threat hunting for both endpoints and networks.

View Video

Corelight

Read more about SANS 2022 Threat Hunting Survey - Hunting for a Standard Methodology for Threat Hunting Teams

Break Threat Patterns with Complete Visibility Across all Your Data

Jul 27, 2022 By Corelight In Corelight

Master threat hunting practices to resolve incidents before they impact mission critical assets Learn about threat hunting for all roles and skill levels from CrowdStrike, Humio and Corelight. Learn how modern log management helps quickly identify the root cause of an issue. Get tips on what to look for and best courses of action for prevention and remediation — resolving incidents before they impact your mission critical assets.

View Video

Corelight

Read more about Break Threat Patterns with Complete Visibility Across all Your Data

The future of email threat detection

Jul 25, 2022 By Justice Levine In AT&T Cybersecurity

As businesses continue to adopt cloud integration and remote work increases, security teams are facing more visibility challenges as well as an influx of security event data. There is more need to understand the threats than ever before, as the threat surface area increases, and tactics increase. Cyber threats are becoming more sophisticated and occurring more frequently, forcing organizations to rely on quality threat detection to protect their data, employees, and reputation.

Read Post