When COVID-19 hit in the spring and schools quickly transitioned to remote learning, we saw in real-time how important IT departments in education are. It was IT’s quick thinking that helped administrators, teachers, and students continue in their learning environments. Now that the ‘20-’21 school year is ramping up, it’s important that IT leaders in education continue on the path to success and plan for the expected and unexpected.

Last month, members of the Elastic Security team hosted a threat hunting capture the flag (CTF) event at BSides SATX. We provided the community with an environment to learn and practice threat hunting with our team, and cultivated new relationships with attendees. By sharing information with security practitioners, we can help prepare them to defend their organization’s data from attack through knowledge transfer.

Persistence is effectively the ability of the attacker to maintain access to a compromised host through intermittent network access, system reboots, and (to a certain degree) remediation activities. The ability of an attacker to compromise a system or network and successfully carry out their objectives typically relies on their ability to maintain some sort of persistence on the target system/network.

As the COVID-19 pandemic rages on, many educational institutions have been forced to shift their on-campus classes to online classes. Various EdTech platforms have also launched free classes that have prompted students to try their hands on digital education. With more students turning to online learning than ever, these platforms have emerged as a lucrative target for cybercriminals.

The Cybersecurity Framework (CSF) was developed by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce. This framework was created through collaboration between various private-sector and government experts to provide high-level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes.

Amazon Web Services provides its users with the ability to create temporary credentials via the use of AWS Security Token Service (AWS STS). These temporary credentials work pretty much in the same manner like permanent credentials created from AWS IAM Service. There are however two differences.

Because a lot of systems are connected to the web these days (or, at least, communicate/integrate with it at some level), companies are giving more and more attention to web security. Web security usually comes to public attention when certain events reach the news, for example, security leakages, hacker activities, and/or data-stealing over big companies, some of them really large (like Google, LinkedIn, etc.).

Once upon a time the telephone system was a trusted method of connecting people. While we now spend more time on our phones than ever, our relationship to phone calls has changed -- we’re hesitant to answer calls from unknown phone numbers, often because we think the call is a con. But what if the caller ID is spoofed/modified and made to look like a telephone number that you may trust or a number with a local area code and familiar prefix?

Hybrid cloud infrastructures run critical business resources and are subject to some of the strictest network security controls. Irrespective of the industry and resource types, these controls broadly fall into three categories. Workloads (pods) running on Kubernetes are ephemeral in nature, and IP-based controls are no longer effective. The challenge is to enforce the organizational security controls on the workloads and Kubernetes nodes themselves.

Ransomware is a malicious type of software that’s used to extort money from victims. It almost always promises to restore the data it encrypts or the operating system it locks, in exchange for a large sum of money. Networks seem to face threats from all directions, but there are ways to prevent malware attacks. Specialized software can protect your assets. In addition, there are other steps you can take to strengthen your ransomware prevention best practices.