The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
2020 was a crazy year with tremendous disruption, hardship, and loss. While the pandemic brings social and economic chaos, it is also changing the very nature of how we live and work. This year we have seen a new wave of digital transformation amongst various business sectors and dramatic shifts in consumer behavior.
Intezer and Microsoft reported on Sept. 9 that TeamTNT hackers are deploying Weave Scope in compromised systems as an auxiliary tool in their intrusions. Weave Scope is a legitimate and powerful tool to manage server infrastructure that, once deployed, makes it easy to control all resources. In this article, we will describe how this tool can be used maliciously, and how to add specific checks in your security set up to look for it.
Opsgenie is a powerful alert management service that allows you to flexibly set up teams for different alerting groups. Our development team have been working hard to deliver new features and integrations, and now you are able to integrate Opsgenie with RapidSpike to help with your website monitoring.
This post is part of a blog series highlighting how we embrace the solutions and features of the Elastic Stack to support our business and drive customer success. The Elastic InfoSec Security Engineering team is responsible for deploying and managing InfoSec's infrastructure and tools. At Elastic, speed, scale, and relevance is our DNA and leveraging the power of the Elastic Stack is the heart of InfoSec.
How is your website showing your customers that you care? You are selling a great product and making some good money, but what are you doing in return to assure your customers that all their payment and private data is protected? If you haven't thought about that before, now is the time because a significant data breach could mean the end of your company.
Several factors in recent years have increased endpoint vulnerability — from organizations’ need to make access to data more fluid, to threats targeting mobile device access and networks, to the growing work-from-home and work-on-the-go trends. Endpoints connected to a network — including remote devices, IoT devices, workstations, tablets, laptops and servers — create attack paths for security threats.
The global pandemic has fueled a rapid digital transformation — and led to permanent shifts in cybersecurity. In a recent joint webinar with Bryan McAninch, senior solutions engineer at Splunk, and guest speaker Chris Kissel from IDC, "Sp(e)lunking Security with MITRE ATT&CK® featuring IDC Research," they shared seven overarching trends in cybersecurity for 2021. One notable, but foundational, trend mentioned was the need to understand risk.
The job of IT admins and IT security analysts are, without a doubt, some of the most important jobs in any company. When things are running smoothly, it is easy for everyone to forget they exist. However, the moment things go askew, everyone points fingers at them. IT security professionals are expected to know everything. Most of them are self-taught and have learned on-the-job. Over time, experience has turned them into battle-hardened soldiers.
This tutorial focuses on how to write a promise module, implementing a new CFEngine promise type. It assumes you already know how to install promise modules and use custom promise types, as shown in the previous blog post.
