Threat intelligence feeds are a critical part of modern cybersecurity. Widely available online, these feeds record and track IP addresses and URLs that are associated with phishing scams, malware, bots, trojans, adware, spyware, ransomware and more. Open source threat intelligence feeds can be extremely valuable—if you use the right ones. While these collections are plentiful, there are some that are better than others.

Yesterday, we sent out notifications to all our clients that are affected by the Let's Encrypt mass revocation of SSL certificates. In this post, we'll share the details how we found those certificates. Now, the morning after, we're well rested and in good shape to do a proper write-up on the matter.

Hello, security enthusiasts! This is part seven (can you believe it?) of the Elastic SIEM for home and small business blog series. If you haven’t read the first six blogs in the series, you may want to before going any further. In the prerequisite blogs we created our Elasticsearch Service deployment (part 1), secured access to our cluster by restricting privileges for users and Beats (part 2), then we created an ingest pipeline for GeoIP data and reviewed our Beats configurations (part 3).

In 2019, Cyber Defense Magazine named ManageEngine a Next Gen vendor in Unified Endpoint Management at IP EXPO in London, and then again at RSA Conference 2020 in San Francisco. Cyber Defense Magazine recognized ManageEngine in its 2020 InfoSec Awards for the features, capabilities, and value it delivers, along with its market presence.

The team at Let's Encrypt, the free certificate authority, has identified an issue that might have lead to unauthorized certificate issuance. Because it's hard to determine which sites have been abused, they have no other choice but to revoke all certificates that may have been maliciously issued. The result is a massive 3,048,289 certificates that will be revoked within the next 24 hours. We've just finished alerting all our users that are affected by this.

We are excited to announce the general availability of Calico Enterprise 2.7. With this release, Fortinet’s 400,000 customers can use FortiGate to enforce network security policies into and out of the Kubernetes cluster as well as traffic between pods within the cluster.

You’ve likely heard a thing—or two (ba dum tss!)—about two-factor authentication, or 2FA. After all, it’s become a bit of a hot topic recently as the nature and number of security breaches has evolved. Compromised user data regularly surfaces on the dark web, giving malicious actors access to your password(s) for a couple bucks. That’s why passwords just don’t cut it as your only security effort anymore—and that’s where 2FA comes in.

Recently, a StatusGator user on our 30 day free trial contacted us to inquire if StatusGator was GDPR compliant. The General Data Protection Regulation, or GDPR, is the European Union’s regulation that grants rights and requirements over personal data. Although we’ve been following the GDPR and its rollout for some time now, we haven’t taken active steps to comply with its requirements. We are based in the United States and don’t actively target European customers.

Another RSA Conference is in the books and despite a few vendors pulling out due to public health concerns, the show went on and offered attendees a glimpse of what lies ahead in the world of cybersecurity. The main theme for this year’s RSA event focused on the human element in addressing the behaviors and activities of users and analysts.