Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

PowerShell and 'Fileless Attacks'

PowerShell had its beginnings as a way to enable administrators to perform their tasks both locally and remotely with unprecedented access to underlying Windows components, such as COM objects and WMI. Because it has been included in every major Windows operating system since Windows 7, PowerShell-based tooling has proliferated for both legitimate and malicious use and includes common tooling such as SharpSploit, PowerSploit, PowerShell Empire, Nishang and Invoke-Obfuscation.

CVE-2019-19394 - Mission Portal JavaScript Injection vulnerability

A vulnerability was recently discovered in CFEngine Mission Portal and has now been fixed. Under certain circumstances, it was possible to inject JavaScript code into data presented in Mission Portal, which would then be run in the user's browser. This security issue was fixed in CFEngine 3.10.7, 3.12.3, and 3.15.0, and will be mitigated by upgrading your hub to one of these versions (or later). No action other than upgrading the hub is required.

PCI Compliance for Containers and Kubernetes

Many of your applications are now starting to run on containers in the cloud. If your applications deal with credit card data at all, you may be wondering how to validate PCI compliance, a well-known regulation for handling this data securely. PCI is also a must-have requirement to check off before your code gets to production.

Quick tips to create an effective remote access plan for your organization.

In this webinar, you'll learn:

  • Specific challenges that your IT teams face while working remotely during the COVID-19 crisis
  • Cybersecurity implications of opening up privileged access to infrastructure and data center assets to IT technicians working from home
  • How to handle remote access requests to critical systems
  • Strategies for IT teams to effectively adapt to a remote work plan without compromising on access security
  • How ManageEngine's Secure Remote Access Toolkit can help a

Hardening Windows security: How to secure your organization - Part 2

We’re back with part two of our three-part blog series on living-off-the-land attacks. If you missed part one, you can read it here. In a nutshell, living-off-the-land (LOTL) refers to a type of attack where the attacker uses the tools and features that already exist in the target environment to carry out malicious activities. The concept of LOTL is not new, but LOTL and file-less attacks have been gaining popularity over the last few months.

Performing Image Scanning on Admission Controller with OPA

In this post we will talk about using image scanning on an admission controller to scan your container images on demand, right before your workloads are scheduled in the cluster. Ensuring that all the runtime workloads have been scanned and have no serious vulnerabilities is not an easy task. Let's see how we can block any pod that doesn't pass the scanning policies before it even runs in your cluster.

Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms (DGA)

Malicious actors often use Domain Generation Algorithms (DGA) to exploit the DNS protocol and execute command-and-control (C&C) malware attacks. In this webinar, threat researchers Manoj Ajuhe and Chris Gong from Tigera's Threat Detection Team will be sharing the latest insights into DGAs, the risks they present, along with best practices to speed detection and mitigation.

COVID-19 sets the stage for cyberattacks: How to protect your business while working remotely

Businesses are shifting their operations to a remote work model in the midst of the COVID-19 lockdown. While this enables business to generally continue as normal, there has also been a rise in cyberattacks because of this shift as reported by national cybersecurity agency CERT-In. Security experts have also predicted a 30-40 percent hike in cyberattacks due to increased remote working.

Virtual safety: How to teach your kids cybersecurity best practices

Confession: I am a security practitioner. I am also a mom. What I am not is a homeschool teacher. Earlier this year, I spoke to the 5th- and 6th-grade classes at my son’s Innovation Day about cybersecurity. I discussed what it means to be a cybersecurity practitioner and how the practice of cybersecurity affects everyday life.

Generating MITRE ATT&CK® signals in Elastic SIEM: Sysmon data

Many mature security teams look to the MITRE ATT&CK® matrix to help improve their understanding of attacker tactics, techniques, and procedures (TTPs) and to better understand their own capabilities relative to these common adversarial approaches. With the release of Elastic Security 7.6, Elastic SIEM saw 92 detection rules for threat hunting and security analytics aligned to ATT&CK.