Elastic

Cybercriminals capitalize on poorly configured cloud environments

2024-10-04 at 06:31 By Help Net Security

Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic.

Adversaries are utilizing off-the-shelf tools

Offensive security tools (OSTs), including Cobalt Strike and Metasploit, made up ~54% of observed malware alerts. The most […]

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

2024-09-10 at 22:46 By Zeljka Zorz

September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect

Infosec products of the month: August 2024

2024-09-02 at 06:01 By Help Net Security

Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, Nucleus Security, Own,

New infosec products of the week: August 9, 2024

2024-08-09 at 06:01 By Anamarija Pogorelec

Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, and EndorLabs.

Rapid7 releases Command Platform, unified attack defense and response

Rapid7 launched its Command Platform,

Elastic automates SIEM data onboarding with Automatic Import

2024-08-07 at 11:46 By Industry News

Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import. This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom data

Researchers unearth MotW bypass technique used by threat actors for years

2024-08-06 at 14:31 By Zeljka Zorz

Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multiple samples

How companies increase risk exposure with rushed LLM deployments

2024-07-10 at 07:31 By Mirko Zorz

In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to new security risks and vulnerabilities as they rush to deploy LLMs. King explains how LLMs pose significant risks to data

Elastic’s Search AI to transform SOCs with AI-driven SIEM solutions

2024-05-07 at 10:31 By Industry News

Elastic has announced that Search AI will replace the traditional SIEM with an AI-driven security analytics solution for the modern SOC. Powered by the Search AI platform, Elastic Security is replacing largely manual processes for configuration, investigation and response

XZ Utils backdoor: Detection tools, scripts, rules

2024-04-08 at 16:31 By Zeljka Zorz

As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems.

What happened?

The open-source XZ Utils compression utility has been backdoored by a skilled threat

The most prevalent malware behaviors and techniques

2024-03-20 at 12:46 By Zeljka Zorz

An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence.

Malware tactics and techniques

The analyzed malware samples were most often delivered

Pikabot returns with new tricks up its sleeve

2024-02-26 at 15:32 By Helga Labus

After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign.

About the Pikabot loader

Pikabot is a loader – a type of malware whose primary function is to serve as a

15 open-source cybersecurity tools you’ll wish you’d known earlier

2024-01-04 at 07:01 By Help Net Security

Open-source tools represent a dynamic force in the technological landscape, embodying innovation, collaboration, and accessibility. These tools, developed with transparency and community-driven principles, empower users with the freedom to scrutinize, modify, and adapt solutions according to their unique needs.

Elastic simplifies data investigations with piped query language, ES|QL

08/11/2023 at 17:01 By Industry News

Elastic has unveiled Elasticsearch Query Language (ES|QL), its new piped query language designed to transform, enrich and simplify data investigation with concurrent processing. ES|QL enables site reliability engineers (SREs), developers and security professionals to perform data aggregation and analysis across

KandyKorn macOS malware lobbed at blockchain engineers

03/11/2023 at 15:46 By Helga Labus

North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform.

The attack

By impersonating blockchain engineering community members on Discord, the attackers used social engineering techniques to make victims download a malicious ZIP

Wazuh: Free and open-source XDR and SIEM

24/10/2023 at 07:00 By Help Net Security

Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings. Wazuh system comprises an endpoint security agent installed on monitored systems and a management server that processes and

Endace collaborates with Elastic to accelerate cyber threat response

12/09/2023 at 15:32 By Industry News

Endace announced a technical partnership with SIEM and observability platform provider Elastic. The partnership brings together the EndaceProbe Scalable Hybrid Cloud Packet Capture, Elastic Stack and Elastic Security, and provides the packet-level network visibility and detailed network metadata that Security

Security Onion 2.4: Free, open platform for defenders gets huge update

23/08/2023 at 13:03 By Help Net Security

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It has been downloaded over 2 million times and is being used by security teams worldwide. Security Onion 2.4 comes

How 2022’s threats will impact the global landscape in 2023

09/05/2023 at 08:13 By Help Net Security

In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition.

Key takeaways

In this report, the Elastic Security team highlights how they’ve noticed a slight increase
