Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

solarwinds

Securing Your Expanding Network Perimeter

Dec 14, 2020 By Brandon Shopp In SolarWinds
Cybersecurity attacks, such as ransomware and phishing scams, have delivered crippling IT blows in the public sector for some time. And here’s the bad news—these attacks have proliferated in the days of COVID-19. A new report from Google found a 350% increase in phishing attacks since the beginning of the year. To better defend against today’s cyberattacks, state and local governments are increasingly exploring the benefits of software-defined networking (SDN).
Read Post
splunk

Using Splunk to Detect Sunburst Backdoor

Dec 14, 2020 By Ryan Kovar In Splunk

TL;DR: This blog contains some immediate guidance on using Splunk Core and Splunk Enterprise Security to protect (and detect activity on) your network from the Sunburst Backdoor malware delivered via SolarWinds Orion software. Splunk’s threat research team will release more guidance in the coming week. Also please note that you may see some malicious network activity but it may not mean your network is compromised. As always review carefully.

Read Post
manageengine

How a mobile device management solution can help with securing devices in the digital workspace

Dec 11, 2020 By Mobile Device Manager Plus In ManageEngine

The past decade has witnessed many organizations adapting to a digital workspace, replacing the traditional physical offices setups with virtual workplaces encompassing all the technologies that employees require to get their work done. Because of the pandemic, even companies that were once against the concept of a distributed workforce have now been forced to embrace remote work. Though a digital workspace offers a more flexible user experience for employees, it comes with its own set of challenges.

Read Post
datadog

Accelerate security investigations with Datadog Threat Intelligence

Dec 11, 2020 By Marc Tremsal In Datadog

Attackers (i.e., threat actors) often reuse techniques or resources, such as IP addresses, hashes, and domains, in multiple attempts to find and exploit vulnerabilities in your systems. Defenders can categorize this data as indicators of compromise (IOCs) and create collections of IOCs in order to look out for potential attacks. These IOC collections are known as threat intelligence.

Read Post

Enhance and automate your cybersecurity operations

Dec 11, 2020 By Flowmon In Flowmon
Watch Keysight and Flowmon present a cybersecurity solution reaching into the layer one transmission and utilizing behavior analysis to identify a hacker’s fingerprint.  Keysight will give a high level explanation on how to build an efficient visibility architecture utilizing Taps and Network Packet Brokers. Keysight will then provide an introduction to Threat simulator, a breach and attack simulation platform, which will be used in the demonstration to provide realistic attack traffic to the Flowmon. 
View Video
sumologic

Automatic correlation of FireEye red team tool countermeasure detections

Dec 11, 2020 By Sumo Logic In Sumo Logic
Sumo Logic has reviewed the announced breach on December 8, 2020 by FireEye and their subsequent public release of over 300 countermeasure rules. We are continuing to analyze the available information and would like to share this update to all existing and prospective customers interested in how our Sumo Logic services can assist with this development.
Read Post
Featured Post
opsmatters

12 Hybrid Cloud Security Threats That You Can Fix

Dec 10, 2020 By Katherine Rundell In OpsMatters
When it comes to having a safe and secure multiple-cloud architecture, you'll need a hybrid cloud security mindset, which focuses on securing data wherever it may be. When done correctly, a hybrid cloud (private and public) can help make your company more productive while saving money. However, a secure hybrid cloud requires a well-thought-out plan, and plenty of focus on encryption and data access control. With that said, here are 12 of the most tedious security threats in hybrid cloud security that you can actually fix.
Read Post
sysdig

Preventing malicious use of Weave Scope

Dec 10, 2020 By Vicente Herrera García In Sysdig

Intezer and Microsoft reported on Sept. 9 that TeamTNT hackers are deploying Weave Scope in compromised systems as an auxiliary tool in their intrusions. Weave Scope is a legitimate and powerful tool to manage server infrastructure that, once deployed, makes it easy to control all resources. In this article, we will describe how this tool can be used maliciously, and how to add specific checks in your security set up to look for it.

Read Post

Getting Up and Running with Calico for Windows

Dec 10, 2020 By Tigera In Tigera
Calico is the only cross-platform CNI and networking and network security policy engine available today. It currently powers more than 150,000 known clusters across millions of nodes worldwide. Calico is also unique in supporting multiple dataplanes: Standard Linux, eBPF, and Windows HNS. Many organizations have .NET and Windows workloads that they have or eventually will modernize and deploy to Kubernetes. However, this may be uncharted territory for teams that are using Windows. This session is intended to inform and ease your adoption of Kubernetes on the Windows platform.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.