
Latest News

Five Security Priorities to Consider With a Remote Workforce

Many organizations are prioritizing the health and well-being of their workforce in the wake of the current global pandemic. Many threat actors are also taking advantage of this opportunity. I’ve seen recent examples of social engineering—with calculated phishing campaigns preying on those who seek information on COVID-19. As noted by Security Researcher Brian Krebs, one hacker group even used a copy of a legitimate map of the impact of the virus to infect machines with malware.

Elastic SIEM is free and open for security analysts everywhere

Security teams must protect attack surfaces that are becoming bigger and more distributed due to the growth of remote work, cloud infrastructure, and other dynamics. These teams understand that meeting this challenge at scale requires the successful incorporation of the appropriate technology into their security operations program.

Securing open source through CVE prioritisation

According to a recent study, 96% of applications in the enterprise market use open-source software. As the open-source landscape becomes more and more fragmented, the task to assess the impact of potential security vulnerabilities for an organisation can become overwhelming. Ubuntu is known as one of the most secure operating systems, but why? Ubuntu is a leader in security because, every day, the Ubuntu Security team is fixing and releasing updated software packages for known vulnerabilities.

How To Secure Home Computers That Are Connected To Corporate Networks

Coronavirus is changing everything. But amid all the talk of shut-downs, quarantine, and stock market crashes, another huge impact of the current crisis has been a little overlooked: its consequences for cybersecurity. With hundreds of thousands of employees now working from home – in the US, Europe, and all over the world – many companies have had to rapidly put in place systems for them to connect their home devices to corporate networks.

Use Cloud Infrastructure Data Model to Detect Container Implantation (MITRE T1525)

A unified cloud infrastructure data model is fundamental for enterprises using multiple cloud vendors. Enterprise customers prefer to use multiple cloud vendors as a way to prevent being locked in and dependent on specific platforms. According to Gartner, the top vendors for cloud infrastructure as a service in the years 2017-2018 are Amazon 49.4%, Azure 12.7% and Google with 3.3%.

COVID-19: A Personal Guide to Self-Isolating and Remote Working

It’s now day 3 since UK PM Boris Johnson instructed the nation to stay at home and begin self-isolating and remote working to limit the spread of Covid-19. We’re all starting to realise life may not be going back to ‘normal’ anytime soon. Aside from our nation’s unsung heroes (the NHS, Supermarket Staff, Teachers, Postal Workers, Waste Collectors, the list goes on – thank you!), many are now turning to remote working.

Uptrends is ISO 27001 security compliant!

We are thrilled to let you know that Uptrends is now certified ISO 27001 compliant. The ISO (International Organization for Standardization) sets security requirements that a company must meet before an accredited auditor can grant the certification. If you’re familiar with the certification process, you know that it takes a considerable amount of time and work; however, the benefits that it brings for our company and our clients are worth the effort. Let’s take a look.

The Cost of Doing SIEM & Security Analytics on Your Own

Security information and event management, or SIEM, has become part of the vocabulary of every organization. SIEM solutions gather events from multiple systems and analyze them—both in real time and through historical data. SIEM costs—as cyber security costs in general—can be high, but there is a tradeoff if you opt for the FOSS route (free and open source solutions).

How Fortinet and Tigera Protect Kubernetes in the Enterprise

Container use continues to grow, and Kubernetes is the most widely adopted container orchestration system, managing nearly half of all container deployments. Successful integration of container services within the enterprise depends heavily on access to external resources such as databases, cloud services, third-party application programming interfaces (APIs), and other applications. All this egress activity must be controlled for security and compliance reasons.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Last month, we hosted a webinar, Hunting for persistence using Elastic Security, where we examined some techniques that attackers use in the wild to maintain presence in their victim’s environment. In this two-part blog series, we’ll share the details of what was covered during our webinar with the goal of helping security practitioners improve their visibility of these offensive persistence techniques and help to undermine the efficacy of these attacks against their organization.