During Sumo Logic’s Illuminate user conference, Heath Hendrickson, senior security architect at the Clorox company, and Gary Conner, senior threat protection lead, presented how they are leveraging Sumo Logic across security operations, threat hunting, IT operations, and more.

Hacks that make headlines are painful for everyone involved, but with some clever preparation and web monitoring at your side you can avoid the worst of this pain. Those who have been victimized face a steep uphill battle to reclaim trust and authority. Unwitting victims, like customers and end users, suffer downtime or leaks containing personally identifiable information. If your eye is not on security, your organization is inviting these kinds of attacks.

In days gone by, highly regulated industries like pharmaceuticals and finance were the biggest targets for nefarious cyber actors, due to the financial resources at banks and drug companies’ disposal – their respective security standards were indicative of this. Verizon reports in 2020 that, whilst banks and pharma companies account for 25% of major data breaches, big tech, and supply chain are increasingly at risk.

We can finally bid a not so fond farewell to 2020. Looking back at our Threat Thursday series in reflection there is no way other than to say 2020 was a brutal year in cybersecurity. 2019 had already driven ransomware into high gear, but the seven-figure ransom extorted from Travelex really set the tone for what was to come this year. The New Year is a time to reflect, but most importantly it’s a time to learn from the past to create a safer, more secure future.

Every second counts when it comes to Managed Service Provider (MSP) security — the longer it takes an MSP to complete security incident response, the greater the ramifications of the incident on the service provider and its stakeholders. When faced with a cyber attack, it’s crucial to understand the potential consequences of the security incident. It also is paramount for an MSP to establish a plan, so it can quickly and effectively respond to cyber attacks and other security incidents.

Most modern organizations understand that the earlier you integrate security into the development process, the more secure the applications will be in production. For containerized workloads, securing the container image throughout the application life cycle is a critical part of security, but many organizations don’t even follow basic best practices for ensuring secure container images.

Calico and Kubernetes go hand-in-hand. Kubernetes is the de facto standard for deploying and managing container-based applications at scale, both on-premises and in the cloud. Calico continues to be the most popular open-source networking and network security solution for Kubernetes. Despite the cataclysmic events that occurred in 2020, the Calico community, supported by the team at Tigera, remained focused and achieved several major successes. We are excited to share these highlights.

Avon and Family Tree aren’t companies you would normally associate with cybersecurity, but this year, all three were on the wrong side of it when they suffered massive data breaches. At Avon 19 million records were leaked, and Family Tree had 25GB of data compromised. What do they have in common? All of them were using Elasticsearch databases. These are just the latest in a string of high profile breaches that have made Elasticsearch notorious in cybersecurity.

Adrozek is a malicious browser modifier that, when installed on users’ machines, infects them with adware. This particular strain of malware has been making rounds since May 2020; according to Microsoft, it was at its peak in August, when as many as 30,000 computers were affected per day. Although classified as adware, Adrozek is also designed to collect information extracted from browsers by modifying browser settings and extensions.

Over the last few days, third parties and the media publicly reported on a malware, now referred to as SUPERNOVA. Based on our investigation, this malware could be deployed through an exploitation of a vulnerability in the Orion Platform.