Security professionals are widely adopting MITRE ATT&CK™ for network threat hunting. ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge, and it represents a globally accessible information base of adversary tactics and techniques based on real-world observations. MITRE ATT&CK provides…

February 26, 2021

Posted by: Brian Coulson

TL/DR Qualys has reported that Sudo, before 1.9.4p2, has a heap-based buffer overflow vulnerability that allows privileged escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character. Detecting a successful exploit of the…

February 23, 2021

Posted by: Kelsey Gast

Implementing a Zero Trust framework across an organization requires leading with a “never trust and always verify” mindset to secure your data and resources. Over the years, organizations have increasingly implemented Zero Trust frameworks into their environment because technological advancements…

February 22, 2021

Posted by: Ashok Chokalingam

The need for water critical infrastructure (CI) cybersecurity has become a growing concern as a recent cyberattack has made national headlines. On February 8, 2021, a hacker modified chemicals in a water treatment plant in Oldsmar, Florida. During a press…

February 20, 2021

There is no debating it; the public cloud is here to stay, and therefore, the need for cloud security solutions continue to increase. According to Gartner, spending on public cloud services is forecast to grow 18.4% in 2021, totaling $304.9…

February 19, 2021

Posted by: Dan Crossley

This is the second part of a blog series discussing Windows process creation events. Part one introduced process creation events and discussed why they should be enabled. In this post, we will take a deeper dive and first look at…

February 11, 2021