#DevOpsSpeakeasy at #KubeCon EU 2022 with Denis Rosa of Couchbase
Denis Rosa, Developer Advocate Manager at Couchbase, talks about the challenge of external dependencies with continuous integration and delivery
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
August Product Rollup: UI Upgrades in Search, Mobile, and More
This month, we’re excited to announce new user experience improvements for search, session management, and mobile, in addition to major improvements to our Migration App. Continue reading to learn about some of the notable capabilities added to the platform in August.
Rubrik Surpasses $400 Million in Subscription ARR and Launches Rubrik Zero Labs Data Threat Research Unit to Help Combat Global Cyber Threats
I’m thrilled to share that today marks a defining moment in Rubrik’s mission to secure the world’s data with several major milestones including: I’m proud of the Rubrik team and their relentless focus on product innovation, but we couldn’t have done this without amazing customers and partners who believe in our mission and continue to trust us with their businesses and their data.
The Future of Cybersecurity: How Will We Protect Ourselves in the Years to Come?
Cyberthreats are one of the most significant challenges facing society today. From illegal political influence to personal data theft, cyberattacks are already posing a huge problem for governments, businesses, and individuals. And as attacks become more sophisticated, it’s getting harder to protect ourselves online. So, what can we expect from the future of cybersecurity? Is it possible to keep up with the speed and complexity of these advancing attacks?
Defense Against the Lateral Arts: Detecting and Preventing Impacket's Wmiexec
Impacket’s wmiexec.py (“wmiexec”) is a popular tool used by red teams and threat actors alike. The CrowdStrike Services team commonly sees threat actors leveraging wmiexec to move laterally and execute commands on remote systems as wmiexec leverages Windows native protocols to more easily blend in with benign activity.
Five Ways To Evaluate the Strength of Your Security Awareness Program
Today, many organizations have a security awareness program of some kind. Whether it’s annual compliance training or the orientation video warning new employees about phishing, it’s almost a standard now among industries. However, security awareness programs vary in frequency, details, and execution. And it’s that variability which, unfortunately, can become a vulnerability. Employees and users are the first line of defense against a cyberattack.
Service Account Attack: LDAP Reconnaissance with PowerShell
In the introductory post of this series, we reviewed what an Active Directory (AD) service account is, explained why these privileged accounts are a serious security risk, and promised to detail 4 types of attacks on service accounts in future posts. This post explores the first of those attacks: LDAP reconnaissance, which attackers can use to discover service accounts in an IT environment while avoiding detection.
Exploiting Service Accounts: Silver Ticket Attack
In the first post of these series we showed how an adversary can discover Active Directory service accounts with PowerShell, and the second post demonstrated how to crack their passwords using the Kerberoasting technique. Now let’s see how an attacker can exploit a compromised service account using Kerberos Silver Tickets to forge TGS tickets.
Using Containers Responsibly
Tools to package your applications and services into container images are abound. They’re easier to use and integrate into your CI/CD pipelines now more than ever. We can appreciate these advancements in the form of time savings and decreasing complexity when deploying to a cloud native environment, but we cannot completely ignore the details involved in these technologies. It’s tempting to take simplicity for granted, but sometimes we do this at the expense of keeping our software safe and secure!
Coffee Talk with SURGe: Twitter Whistleblower, Roasting Oktapus, Montenegro Cyberattack
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news including: Mick and Ryan competed in a 60 second charity challenge to explain why they think password managers are still your best option for password security. The team also discussed data privacy after the FTC announced it is suing a data broker for selling geolocation data. Meanwhile, the FCC is launching an investigation into mobile carriers' geolocation data practices.