Elastic extends Express Migration program for Splunk logging customers
Logs are a ubiquitous signal that is simple to enable, provides visibility into your infrastructure and applications, and is the first go-to signal for SREs and developers. As systems have become more complex, the volume of logs has grown exponentially along with the size and complexity of logs. A next-generation observability solution must be able to: Ingest all data, whether …
extends
CrowdStrike Extends Identity Security Capabilities to Stop Attacks in the Cloud
Two recent Microsoft breaches underscore the growing problem of cloud identity attacks and why it’s critical to stop them. While Microsoft Active Directory (AD) remains a prime target for attackers, cloud identity stores such as Microsoft Entra ID are also a target of opportunity. The reason is simple: Threat actors increasingly seek to mimic legitimate users in the target …
Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports
Jul 21, 2023 | THN | Email Security / Cyber Attack
The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) …
CrowdStrike Cloud Security Extends New CIEM Capabilities
As organizations continue to shift to multi-cloud environments and increasingly use cloud services for application development, new challenges emerge that require dramatic changes in the delivery and practice of cybersecurity. Notably, Gartner predicts that inadequate management of identities, access and privileges will cause 75% of cloud security failures by 2023. Though …
Google Extends Support for Tracking Party Cookies Until 2023
Google's sweeping proposals to deprecate third-party cookies in the Chrome browser are going back to the drawing board after the company announced plans to delay the rollout from early 2022 to late 2023, pushing back the project by nearly two years. "While there's considerable progress with this initiative, it's become clear that more time is needed across the ecosystem to get this …
PROMETHIUM extends global reach with StrongPity3 APT
The PROMETHIUM threat actor — active since 2012 — has been exposed multiple times over the past several years. However, this has not deterred this actor from continuing and expanding their activities. By matching indicators such as code similarity, command and control …