We are thrilled to announce that Elastic Cloud Serverless has achieved several significant compliance certifications. This milestone reinforces our commitment to security, privacy, and regulatory compliance. Elastic Cloud Serverless is now audited or certified under the following industry-leading frameworks: SOC 2 Type 2, ISO 27001, ISO 27017, ISO 27018, Payment Card Industry … [Read more...] about Elastic Cloud Serverless achieves major compliance certifications
Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
Jan 21, 2025Ravie LakshmananBotnet / Vulnerability Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and … [Read more...] about Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Jan 20, 2025Ravie LakshmananNetwork Security / Vulnerability New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access to their networks," … [Read more...] about Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Elastic recruiters reveal how to stand out in your job search
New year, new job. If you’re hoping to land a new role in 2025, January and February is the prime time to polish your resume and hone your interviewing skills.We asked Elastic recruiters for their best tips on how to stand out in the application and interview process — and what they advise their candidates. Here’s what they had to say.Create a detailed resume Dedicate time to … [Read more...] about Elastic recruiters reveal how to stand out in your job search
TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025
Jan 19, 2025Ravie LakshmananSocial Media / Data Privacy Popular video-sharing social network TikTok has officially gone dark in the United States, as a federal ban on the app comes into effect on January 19, 2025. "We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable," the company said in a pop-up … [Read more...] about TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, … [Read more...] about U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
Biden’s new Cybersecurity Executive Order: What you need to know
President Biden has issued his long-awaited Cybersecurity Executive Order. This directive comes in the final days of the administration and outlines a number of measures to enhance national cybersecurity — placing a strong emphasis on the Cybersecurity and Infrastructure Security Agency (CISA) and its important role in safeguarding federal systems and critical infrastructure. … [Read more...] about Biden’s new Cybersecurity Executive Order: What you need to know
Modern Security for Legacy Environments
Many organizations across critical industries such as healthcare, manufacturing and energy rely on legacy Windows operating systems to run essential equipment. These systems, while operationally vital, are notoriously difficult and costly to upgrade — leaving them vulnerable to modern cyber threats. CrowdStrike is addressing this challenge by expanding our legacy support … [Read more...] about Modern Security for Legacy Environments
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Jan 17, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a variety of networking … [Read more...] about Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Forrester TEI Study – Falcon Identity Protection
Identity-based attacks are surging across today’s threat landscape as adversaries target identities in on-premises, cloud and SaaS applications. They aren’t breaking in — they’re logging in. Organizations must respond to these threats in real time to stop breaches, but traditional security approaches consisting of siloed tools often create visibility gaps and hinder … [Read more...] about Forrester TEI Study – Falcon Identity Protection