Latest News

Combating threats with UEBA: Money matters

In this four-part series, we explore hypothetical cyberattacks inspired by real-life events in four different industries: healthcare, finance, manufacturing, and education. We’ll take a look at unforeseen security attack scenarios, and discover how user and entity behavior analytics (UEBA) can be leveraged to safeguard organizations. In this second post of the series, we’ll examine cyberattacks that threaten the financial sector.

How Log Analytics Improves Your Zero Trust Security Model

Over the past few years, cloud computing has passed through its hype and early-adopter phases. Now we are hitting the peak of migration from on-premise to cloud-based infrastructure. Consequently, this transition and the advent of cloud computing have dramatically changed the way we think about security. Namely, the security paradigm has shifted towards a Zero Trust Security Model.

Formjacking - How it can Affect your Ecommerce Site

Data theft or data skimming is not a new problem; it has probably been happening since the birth of the paper form. Today is no different; it is still around and happening on a much wider scale, leveraging the internet and the proliferation of online shopping. A popular modern tactic for data skimming is called formjacking. Not heard of it? Formjacking enables organised criminals to steal sensitive customer data as it is entered into an ecommerce shop. To the end user, this process is invisible.

How to detect CVE-2019-14287 using Falco

A recent flaw, CVE-2019-14287, has been found in sudo. In this blog post, we are going to show you how to use Falco or Sysdig Secure to detect any exploit attempts against this vulnerability. sudo allows users to run commands with other user privileges. It is typically used to allow unprivileged users to execute commands as root. The issue exists in the way sudo has implemented running commands with an arbitrary user ID in versions earlier than 1.8.28.

More Android malware and another iOS exploit: How to safeguard your devices?

The past few months have seen both Android and iOS fall prey to various security attacks, with more malware attacks and exploits being uncovered on a daily basis. First, let’s look at the newest zero-day Android vulnerability. This vulnerability leverages the “use-after-free” memory flaw to wreak havoc on mobile devices. In layperson’s terms, the use-after-free flaw allows access to memory recently freed (after performing some operation) to execute malicious code.

Compliance Made Easy with JFrog Xray

As compliance managers, we often find ourselves in a struggle. Our responsibility is to uphold compliance standards but in order to achieve this, we need to “sell” the concept to the relevant stakeholders, inter alia the business teams and R&D. We’re put in the position of justifying required changes and processes and are thus mistakenly perceived as business “stoppers” and not enablers.

Threat Intelligence And Log Management: Security Through Automation

The constant evolution of security threats has long since made preventing cyber-attacks and network intrusion attempts a nearly impossible task. Real threats are often hard to identify among a multitude of false alarms, and many experts understand that a well-integrated and fully-automated threat intelligence strategy is the best approach. Nevertheless, 70% of security industry professionals still believe threat intelligence to be too complex and bulky to provide actionable insights.

Top 3 RapidSpike E-commerce Tools: Part 2 - Real User Monitoring

Performance and security are the lifeblood of an e-commerce website. The moment pages start to slow down, or your customers fear their data may be at risk, is the moment your business starts to fail. This post is the second in a series of three that will explore the key tools every ecommerce site needs running 24/7.

Android malware: How do enterprises tackle this ever-growing menace?

Let us first agree on a couple of things before we start: One, Android is the most affordable platform for enterprises with a mobile-first/mobile-only workforce, and it has the smallest learning curve of any mobile OS. Two, due to its very open-source nature, Android is easy for malicious actors to prey on, with the Google Play Store being the breeding ground for many attacks.