The airline industry faces years of uncertainty as the world recovers from the impact of COVID-19. Airlines will focus on operational efficiency and the means to adapt quickly to changing circumstances and new opportunities. Passengers may be required to carry a vaccine passport, most likely a digital solution, which could bring a host of data security complexity. For these reasons and more, Scandinavian Airlines System (SAS) aspires to be a digital-first airline.

This quick blog is the first in a two-part series discussing a userland Windows exploit initially disclosed by James Forshaw and Alex Ionescu. The exploit enables attackers to perform highly privileged actions that typically require a kernel driver.

On June 2nd, 2021, the White House released a memo from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology. The subject? “What We Urge You To Do To Protect Against The Threat of Ransomware.” It outlines several recommendations on how to protect your organization from ransomware. The memo was a follow-up to President Biden’s May 12th Executive Order on Improving the Nation’s Cybersecurity Order (EO14028).

ManageEngine Firewall Analyzer reviews firewall logs to capture network security threats. It generates alerts upon detecting security threats and attacks, and notifies you, the security administrator, in real time. You can configure alerts to be sent via email, SMS, and more. With these real-time notifications, you can troubleshoot to take instant remedial action. You can also make changes to your firewall policies and configurations to prevent recurring security incidents.

In the wake of the COVID-19 pandemic, many organizations are adopting or experimenting with new models of long-term remote work. For some, that means keeping their teams fully distributed. For others, it means giving employees more flexibility to work from home or even simply putting plans in place for the future. But this shift to remote work brings new challenges that both large enterprises and smaller organizations must face.

Collin’s dictionary defines “behavior pattern” as a recurrent way of acting by an individual or group toward a given object or in a given situation. Analyzing and understanding the behavior patterns of individuals has proven to provide in-depth solutions to problems in different walks of life, including cybersecurity.

This blog is the second in a four-part series on infrastructure automation for government agencies that are modernizing digital systems while grappling with budget and staffing constraints and the challenges of COVID-19.

The Sumo Logic team is pleased to introduce the general availability of Sumo Logic Cloud SIEM powered by AWS. This joint solution will empower CIOs, CISOs, security and IT leaders to solve modern and legacy security operations use cases for Enterprises of all sizes and maturity with deep and contextualized insights to reduce the time to detect and respond to threats.

As your security capabilities improve with centralized log management, you can create proactive threat hunting queries. Setting baselines, determining abnormal behavior, and choosing an attack framework helps you mitigate risk and respond to incidents. To reduce key metrics like the mean time to investigate (MTTI) and mean time to respond (MTTR), security operations teams need to understand and create proactive queries based on their environments.