The 2010 Stuxnet malicious software attack on a uranium enrichment plant in Iran had all the twists and turns of a spy thriller. The plant was air gapped (not connected to the internet) so it couldn’t be targeted directly by an outsider. Instead, the attackers infected five of the plant’s partner organizations, hoping that an engineer from one of them would unknowingly introduce the malware to the network via a thumb drive.
Detecting and preventing malicious activity such as botnet attacks is a critical area of focus for threat intel analysts, security operators, and threat hunters. Taking up the Mozi botnet as a case study, this blog post demonstrates how to use open source tools, analytical processes, and the Elastic Stack to perform analysis and enrichment of collected data irrespective of the campaign.
July is Hype Cycle season, the time of year when Gartner livens up the summer doldrums by updating its eagerly awaited Hype Cycle series of reports. This year’s Hype Cycles demonstrated OpsRamp’s growing brand recognition as we were listed as a representative vendor in eight different Gartner Hype Cycles.
SeriousSAM or CVE-2021-36934 is a Privilege Escalation Vulnerability, which allows overly permissive Access Control Lists (ACLs) that provide low privileged users read access to privileged system files including the Security Accounts Manager (SAM) database. The SAM database stores users' encrypted passwords in a Windows system. According to the Microsoft advisory, this issue affects Windows 10 1809 and above as well as certain versions of Server 2019.
In the past few years, JavaScript has evolved in several ways and has come a long way. With the evolving technology, machines are becoming more powerful, and browsers are getting more robust and compatible. In addition, Node.js’s recent development for JavaScript’s execution on servers, JavaScript has been getting more and more popular than ever before.
Lambda is an excellent option for deploying lower-traffic web services when you don't want to maintain another server and you want easy access to all of AWS's other services. In this article, Godwin Ekuma shows us step-by-step how to deploy our Rails apps to AWS Lambda.
Patch compliance indicates the number of compliant devices in your network. This means the number of computers that have been patched or remediated against security threats effectively. The distribution and deployment of patches accomplish nothing if your devices are not compliant. So to establish a good patch management strategy, it is important to pay attention to the effectiveness and reach of your patch deployment activities.
You've joined a company, or worked there a little while, and you've just now realised that you'll have to do on-call. You feel like you don't know much about how everything fits together, how are you supposed to fix it at 2am when you get paged? So you're a little nervous. Understandable. Here are a few tips to help you become less nervous.
AWS Auto Scaling groups are a powerful tool for creating scaling plans for your application. They let you dynamically create a group of EC2 instances that will maintain a consistent and predictable level of service. HAProxy’s Data Plane API adds a cloud-native method known as Service Discovery to add or remove these instances within a backend in your proxy as scaling events occur. In this article, we’ll take a look at the steps used to integrate this functionality into your workflow.
