On January 25, 2022, Qualys announced the discovery of a local privilege escalation vulnerability that it identified as PwnKit. The PwnKit vulnerability affects PolicyKit’s pkexec, a SUID-root program installed by default on many Linux distributions. The same day of the announcement, a proof of concept (PoC) exploit was built and published by the security research community.

A core challenge for threat detection engineering is reproducing common attacker behavior. Several open source and commercial projects exist for traditional endpoint and on-premise security, but there is a clear need for a cloud-native tool built with cloud providers and infrastructure in mind. To meet this growing demand, we’re happy to announce Stratus Red Team, an open source project created to emulate common attack techniques directly in your cloud environment.

The attacks cybercriminals are using grow more complex and sophisticated by the day. However, with the help of big data analytics, you aren’t left defenseless. You can use big data analytics to fortify your cyber defenses and reduce your vulnerabilities. 1. Analytics can help you uncover suspicious patterns. Big data analytics protects your business data and strengthens your cybersecurity by providing valuable cybersecurity intelligence to your data analytics experts.

Central processing units (CPUs) can be compared to the human brain in that their unique architecture allows them to solve mathematical equations in different ways. x86 is the dominant architecture used in cloud computing at the time of this writing; however, it is worth noting that this architecture is not efficient for every scenario, and its proprietary nature is causing an industry shift toward ARM.

Four months into this new gig at Cribl, I wish I could bottle up that “lightbulb” moment I get when walking people through how Cribl LogStream can help them gain better control of their observability data. So I hope the scenario walkthroughs below will capture some of that magic and shed some light on how LogStream can improve your organization’s data agility – helping you do more with your data, quickly, and with less engineering resources.

It wasn’t too long ago that a security system would be nothing more than a few walls, some cameras, and an inattentive security guard. That’s no longer the case In today’s digital landscape. Now organizations must invest in securing their assets from a growing number of cyberthreats. To start, they must first draw up the boundaries of their IT security perimeter.

No one will be surprised to hear that ransomware is, once again, on the rise. The last two years have seen a stratospheric increase in both the frequency and sophistication of attacks. In a just-released report from Ivanti, Cyber Security Works and Cyware, 2021 closed out with alarming statistics including a 29% increase in CVEs associated with ransomware, and a 26% increase in ransomware families compared to the previous year.

Just how effective can an employee engagement campaign be? Consider this: A single Nexthink Engage campaign prompted 90% of employees to update their browser in one day. Despite not having access to the enterprise version of the Google Chrome browser, thousands of employees in this U.S. biopharmaceutical company downloaded the personal version of Google Chrome. 5200 employees to be exact.

Ransomware attacks are increasing in frequency and severity every year. The impact to companies is devastating. These attacks typically lead to lost business for companies as they often cause increased customer turnover, system downtime, diminished reputation and other adverse side effects.

On two occasions in December 2021, VMware Tanzu Application Service released remediations within 48 hours of critical CVEs being announced. These remediations were both in response to the Log4j saga, enabling VMware customers to defend against attack vectors quickly after the Day 0 event. This quick response is a reflection of the dedication of the VMware engineering teams working on Tanzu Application Service today.