The team at Let's Encrypt, the free certificate authority, has identified an issue that might have lead to unauthorized certificate issuance. Because it's hard to determine which sites have been abused, they have no other choice but to revoke all certificates that may have been maliciously issued. The result is a massive 3,048,289 certificates that will be revoked within the next 24 hours. We've just finished alerting all our users that are affected by this.

We are excited to announce the general availability of Calico Enterprise 2.7. With this release, Fortinet’s 400,000 customers can use FortiGate to enforce network security policies into and out of the Kubernetes cluster as well as traffic between pods within the cluster.

You’ve likely heard a thing—or two (ba dum tss!)—about two-factor authentication, or 2FA. After all, it’s become a bit of a hot topic recently as the nature and number of security breaches has evolved. Compromised user data regularly surfaces on the dark web, giving malicious actors access to your password(s) for a couple bucks. That’s why passwords just don’t cut it as your only security effort anymore—and that’s where 2FA comes in.

Recently, a StatusGator user on our 30 day free trial contacted us to inquire if StatusGator was GDPR compliant. The General Data Protection Regulation, or GDPR, is the European Union’s regulation that grants rights and requirements over personal data. Although we’ve been following the GDPR and its rollout for some time now, we haven’t taken active steps to comply with its requirements. We are based in the United States and don’t actively target European customers.

Another RSA Conference is in the books and despite a few vendors pulling out due to public health concerns, the show went on and offered attendees a glimpse of what lies ahead in the world of cybersecurity. The main theme for this year’s RSA event focused on the human element in addressing the behaviors and activities of users and analysts.

During research into client side attacks, we recently observed a skimmer loading on the popular Pakistani fashion website, Khaadi. Khaadi is a global brand including seven stores in the UK and the company boasts over 5.4 million followers on social media. Khaadi have faced negative press recently, after an uproar about inhuman workplace conditions in 2017, and narrowingly avoiding going into administration in 2019.

First things first, why would you want to collect logs from Palo Alto and send them to a Cloud SIEM? There are many reasons. At its core, having a centralized location with a consistent user experience for managing alerts, notifications, and information coming from the technologies securing your environment can provide value in a lot of ways. In this blog, we’ll discuss how to collect, parse, and analyze Palo Alto logs in Logz.io Cloud SIEM, and how it can help secure your cloud workloads.

In our last release of the PowerShell security series, we talked about how PowerShell could be leveraged by malicious actors to gain unprecedented access to your organization’s critical assets. From enumerating sensitive domain information and carrying out credential-based attacks to running malicious executables in memory (file-less malware), we shined a light on the potential of PowerShell and why it’s an ideal weapon for cyber attackers today.

As the cloud continues to expand with no end in sight, it’s only wise to invest in it. Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service bring significant cost savings (personnel and ownership), improved performance, better reliability, freedom to scale and - above all - significant security benefits. It’s no wonder that so many businesses have already adopted all three of these models.

Given the complexity of large enterprise environments, coupled with the diversity of the vendor landscape, there is no single, agreed-upon “best” way to buy security. The battles continue between CAPEX or OPEX, net-30 or net-90, annual or multi-year, perpetual or subscription. One thing we do know, however, is that all too often the consumer pays for something he or she does not use.