What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Logo_logpoint.webp 2020-11-04 09:42:42 Active exploitation of the Oracle WebLogic Server RCE vulnerability (CVE-2020-14882) (lien direct) By Bhabesh Raj Rai, Associate Security Analytics Engineer The October release of Oracle's quarterly Critical Patch Update (CPU) fixed a total of 402 vulnerabilities across its various product families. More than half of the vulnerabilities were remotely exploitable and did not require authentication. One of the vulnerabilities, CVE-2020-14882, is an RCE flaw in the WebLogic [...] Vulnerability
Logo_logpoint.webp 2020-10-29 08:30:56 Test blog (lien direct) Cybersecurity for education The open nature of campus networks and IT systems, and the presence of valuable intellectual property have made Educational institutions an enticing target for malicious attacks on and off campus. Providing free and easy access to digital resources is a key issue for Universities across the world. New generations of students and [...]
Logo_logpoint.webp 2020-10-28 07:47:41 How LogPoint 6.9 speeds up detection and makes investigations easier (lien direct) By Martha Chrisander, Head of Product Marketing, LogPoint The latest version of LogPoint aims to help security analysts speed up the investigation process. LogPoint 6.9 helps analysts better understand which items are essential to investigate first and reduces the number of manual steps in that process. What's new in LogPoint [...]
Logo_logpoint.webp 2020-10-28 07:47:41 See how LogPoint 6.9 speeds up detection and investigation (lien direct) By Martha Chrisander, Head of Product Marketing, LogPoint The latest LogPoint release is all about helping security analysts speed up the investigation process. LogPoint 6.9 helps analysts better understand what is critical to investigate and reduces the number of manual steps in the investigation process. What's new in LogPoint 6.9 Watch Guy Grieve, Presales Manager [...]
Logo_logpoint.webp 2020-10-20 11:59:21 What is security analytics? Learn more about the benefits of using security analytics tools (lien direct) Cyber security and choosing the right security analytics is one of the, if not the most, massive challenges organizations face in the modern age across the globe. As organizations continue to grow their already complex, sophisticated, and extensive networks, cyber threats continue to develop in complexity, sophistication, and, more importantly, damage cost. Previously, organizations relied on [...]
Logo_logpoint.webp 2020-10-20 11:40:08 What is multitenancy? The benefits of a multitenant architecture for MSSPs (lien direct) Managed security service providers (MSSPs) handle multiple customers within their technology stack. Therefore they need technology that makes them more efficient. Multitenancy is a critical capability that helps MSSPs improve efficiency. What are the advantages of multitenancy? And why is it vital that solutions, such as security information and event management (SIEM), support it? The [...]
Logo_logpoint.webp 2020-10-15 10:22:53 Making SIEM data accessible to non-IT staff with Applied Analytics (lien direct) For most organizations, the term “SIEM” brings to mind cybersecurity, log collection, detecting threats, compliance. However, organizations can use security information and event management (SIEM) solutions for more than just security. LogPoint Applied Analytics is a solution for non-technical staff that focuses on giving insight into applications and reporting. The challenge LogPoint developed Applied Analytics [...]
Logo_logpoint.webp 2020-10-12 06:21:15 Meet LogPoint at Les Assises 2020 and discover Modern SIEM integrated with the SOC (lien direct) Modern SIEM has become an essential technology for modern cybersecurity and the SOC (Security Operations Center). Meet the LogPoint team at Les Assises 2020 in Monaco from October 14 to 16, 2020, to find out how our SIEM and UEBA solution can improve your SOC operations. We are delighted to attend Les Assises de la Sécurité, and this [...]
Logo_logpoint.webp 2020-10-08 12:00:18 The complete guide to log analysis (lien direct) Modern businesses have become reliant on data analytics, especially within cybersecurity, IT operations and compliance. Log analysis is the foundation for most analytics to create reports, dashboards and alerts to improve business operations. Data can be recorded and logged from just about everything. To make sense of the growing data volume, many companies use a [...]
Logo_logpoint.webp 2020-10-08 11:20:07 Guide to log management and the importance of logging (lien direct) By Nils Krumrey, Enterprise Presales Engineer, LogPoint When customers speak to us, the number one requirement on their list is often "log management." That sounds reasonably straightforward. But if you want to do more than tick a box, it is worth diving into what log management actually means. What does logging mean? Any type [...]
Logo_logpoint.webp 2020-10-07 13:20:17 Collecting and analyzing Windows logs with LogPoint (lien direct) By Friedrich von Jagwitz, Sales Engineer, LogPoint There was recently an article posted about Windows Event Log Analysis. Looking into it, I found information on Account Management, Program Execution, and PowerShell logging (and many others, of course…) described in-depth, including Event IDs and explanations. Considering how some of the latest breaches have been [...]
Logo_logpoint.webp 2020-10-07 10:16:15 Microsoft Exchange Server RCE vulnerability (CVE-2020-0688) (lien direct) By Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint On February 11, 2020, Microsoft released a security advisory for a severe remote code execution vulnerability (CVE-2020-0688), with a CVSS score of 8.8. The vulnerability in Microsoft Exchange Server was due to the server failing to generate a unique cryptographic key at install time. A [...] Vulnerability
Logo_logpoint.webp 2020-10-01 11:42:54 What is an Insider Threat? (lien direct) Risky insiders (also known as insider threats) are one of the main threats to organizations in the current security landscape. As the 2019 Fortinet Report on this topic has shown – almost 70% of organizations feel moderately to extremely vulnerable to this type of threat. In this blog, we aim to address this topic and [...]
Logo_logpoint.webp 2020-10-01 11:26:19 A Simple Guide to Threat Hunting (lien direct) Threats are continually changing and becoming more sophisticated, making it impossible to buy a tool that detects every potential cyberthreat. You can help protect your business by taking a proactive approach to hunting threats. According to the 2020 Verizon Data Breach report, more than 25% of breaches took months or longer to discover. This [...] Data Breach Tool Threat
Logo_logpoint.webp 2020-09-29 13:15:24 (Déjà vu) 15th October – LogPoint Modern SIEM in action. Protecting organizations from cyber threats by Jake McCabe (lien direct) Translating data into actionable intelligence enables organizations to manage cybersecurity threats efficiently. LogPoint is truly source agnostic, with support for most applications, including ready-to-use controls, such as dashboards, reports and alerts. In the session, you will learn: • How LogPoint provides accelerated detection and response to events in every application of the infrastructure. This means [...]
Logo_logpoint.webp 2020-09-29 13:15:24 (Déjà vu) 12th November – LogPoint Modern SIEM in action. Protecting organizations from cyber threats by Friedrich von Jagwitz (lien direct) Translating data into actionable intelligence enables organizations to manage cybersecurity threats efficiently. LogPoint is truly source agnostic, with support for most applications, including ready-to-use controls, such as dashboards, reports and alerts. Join us for our signature webinar and learn: • How LogPoint provides accelerated detection and response to events in every application of the infrastructure. [...]
Logo_logpoint.webp 2020-09-29 13:15:23 (Déjà vu) 6th October – Taking a behavioral approach to cybersecurity- how to help universities and colleges stay one step ahead of your adversaries (lien direct) As the new school year gets underway, join LogPoint's Jake McCabe when he discusses how thinking about security from the perspective of adversary behavior can help Universities better prepare for, detect, and respond to threats. Too often, security organizations focus on signatures and IOCs to alert them to threats in their environment, however this myopic [...]
Logo_logpoint.webp 2020-09-29 10:32:33 Threat hunting with Linux – Detecting a cryptomining attack (lien direct) By Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint Cryptomining malware was extremely popular in 2019 and is still relevant in today's threat landscape. As per the IBM X-Force telemetry, cryptomining activity spiked to unprecedented levels during mid-2019. At present, coin miners have seen a steady increase in the number of reports during [...] Malware Threat
Logo_logpoint.webp 2020-09-24 07:36:10 LogPoint's guide to the MITRE ATT&CK framework (lien direct) What is the MITRE ATT&CK framework? Cybersecurity criminals around the world are constantly trying out new strategies to target and attack organizations. Fortunately, there is a way to observe these strategies and use this knowledge against them. Developed by MITRE, a non-profit funded by the U.S. government, the ATT&CK framework is a cybersecurity knowledge base [...]
Logo_logpoint.webp 2020-09-23 07:43:04 (Déjà vu) How organizations can benefit from a Modern SIEM solution (GERMAN) (lien direct) Note: This webinar is in German. The “How can organizations benefit from a Modern SIEM solution?” webinar is now available on demand. Fill out the form to access the webinar and experience: - How LogPoint enables accelerated detection and response to events in the infrastructure. This means that the organization can achieve first-class monitoring of [...]
Logo_logpoint.webp 2020-09-23 07:43:04 How organizations can benefit from a Modern SIEM solution (lien direct) Note: This webinar is in German. The “How can organizations benefit from a Modern SIEM solution?” webinar is now available on demand. Fill out the form to access the webinar and experience: - How LogPoint enables accelerated detection and response to events in the infrastructure. This means that the organization can achieve first-class monitoring of [...]
Logo_logpoint.webp 2020-09-21 09:46:04 Detecting the Zerologon vulnerability in LogPoint (lien direct) By Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint On August 11, 2020, Microsoft released a security advisory for CVE-2020-1472, with a CVSS score of 10, a critical privilege escalation flaw when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). What makes this [...] Vulnerability
Logo_logpoint.webp 2020-09-16 12:37:44 Faster Detection and Response with MITRE ATT&CK (lien direct) The "Faster Detection and Response with MITRE ATT&CK" webinar is now available on demand. Fill out the form to access the webinar and learn: What the MITRE ATT&CK framework is How MITRE ATT&CK improves detection and response How to reference ATT&CK tactics and techniques in an investigation How LogPoint SIEM and UEBA support the framework [...]
Logo_logpoint.webp 2020-09-16 11:58:52 Meeting the requirements of the NHS Data Security and Protection Toolkit with SIEM (lien direct) The "Introduction to LogPoint SIEM and UEBA" webinar hosted by LogPoint Senior Sales Engineer Tim Strack is now available on demand. Fill out the form to access the webinar and experience: How a modern SIEM such as LogPoint is a key enabling technology to address the requirements outlined in the NHS Data and Security Protection [...]
Logo_logpoint.webp 2020-09-15 10:34:42 Beginners guide to SAP Security: Why is it important and how does it work? (lien direct) Organizations using SAP as their business application or ERP system often store their most critical assets, including intellectual properties within SAP. This data must be protected against unauthorized access originating from both outside and within the organization. SAP systems require extensive protection and security monitoring. What is SAP Security? There are various aspects to SAP [...]
Logo_logpoint.webp 2020-09-15 09:34:01 What is Threat Detection? Learn about response, solutions and benefits of advanced cyber threat detection (lien direct) What is Threat Detection? Threat detection is typically described as an activity relating to the identification of threats within an organization. Often this task is at least partially automated and involves big data processing – especially in larger environments. In fact, in most modern organizations, automation is becoming a necessity for advanced threat detection. [...] Threat
Logo_logpoint.webp 2020-09-15 09:13:35 What is User and Entity Behavior Analytics? A complete guide to UEBA, how it works, and its benefits (lien direct) What is UEBA? UEBA stands for User and Entity Behavior Analytics, and is a security process focusing on monitoring suspicious behaviour. Both user behavior and behavior in other entities such as cloud, mobile or on-premise applications, endpoints, networks, and external threats. Utilizing Machine Learning, UEBA builds baselines for every entity in the network, and [...]
Logo_logpoint.webp 2020-09-14 13:48:41 Improving communication about attacks using the MITRE ATT&CK framework (lien direct) By Ivan Vinogradov, Solution Architect, LogPoint The MITRE ATT&CK framework is a structured collection of adversarial techniques that is meant to assist in all aspects of security activity, with a focus on blue teams. By creating a unified framework, MITRE has enabled security professionals to communicate more clearly and share information more efficiently, thus contributing [...]
Logo_logpoint.webp 2020-09-02 17:00:50 22nd September – Taking a behavioral approach to security- how to help universities and colleges stay one step ahead of your adversaries (lien direct) As the new school year gets underway, join LogPoint's Jake McCabe when he discusses how thinking about security from the perspective of adversary behavior can help Universities better prepare for, detect, and respond to threats. Too often, security organizations focus on signatures and IOCs to alert them to threats in their environment, however this myopic [...]
Logo_logpoint.webp 2020-08-27 13:08:23 What is a Security Operations Center (SOC)? (lien direct) by Nicolai Zerland, VP Marketing, LogPoint SOC definition A Security Operations Center (SOC) is a command center for cybersecurity professionals responsible for monitoring, analyzing, and protecting an organization from cyber attacks. In the SOC, internet traffic, internal network infrastructure, desktops, servers, endpoint devices, databases, applications, IoT devices, and other systems are continuously monitored for security incidents. [...]
Logo_logpoint.webp 2020-08-27 09:46:52 Prometei botnet and its cryptomining shenanigans (lien direct) By Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint On Wednesday, July 22, Cisco Talos discovered that the cryptocurrency mining botnet attack Prometei has been quietly active since March. The operators behind Prometei employ a myriad of techniques to spread across the network, like abusing the Server Message Block (SMB) protocol to steal credentials, EternalBlue [...]
Logo_logpoint.webp 2020-08-20 17:45:26 (Déjà vu) 10th September – What benefits can organizations gain from a visionary SIEM? Webinar with Friedrich von Jagwitz (lien direct) Turning data into actionable information enables companies to handle cybersecurity threats efficiently. LogPoint is fully source-agnostic and can support most applications, including ready-to-use features such as dashboards, reports and alerts. Join our in-house webinar and learn more: How LogPoint enables accelerated detection and response to events in [...]
Logo_logpoint.webp 2020-08-18 20:00:52 9th September – Faster Detection and Response with MITRE ATT&CK (lien direct) The MITRE ATT&CK framework is a tool to help security teams create a more effective security defense. ATT&CK uses open standards and is essentially a database of documented threat behaviors. Using the ATT&CK framework, analysts can track threat actor behavior to speed up incident response and investigation. When combined with a SIEM or UEBA solution, [...] Tool Threat ★★
Logo_logpoint.webp 2020-08-17 06:51:15 LogPoint shakes up the enterprise SIEM market by strengthening intelligence and halving incident response times (lien direct) LogPoint shakes up the SIEM market with version 6.5, which, combined with UEBA 2.0, draws on advanced analytics to significantly reduce analyst workloads and strengthen the overall operational performance of enterprises. COPENHAGEN, DENMARK & BOSTON – September 20, 2018 – LogPoint, a European vendor, is influencing the SIEM market [...]
Logo_logpoint.webp 2020-08-09 18:45:25 (Déjà vu) 8th October – LogPoint Modern SIEM in action. Protecting organizations from cyber threats by Jake McCabe (lien direct) Translating data into actionable intelligence enables organizations to manage cybersecurity threats efficiently. LogPoint is truly source agnostic, with support for most applications, including ready-to-use controls, such as dashboards, reports and alerts. In the session, you will learn: • How LogPoint provides accelerated detection and response to events in every application of the infrastructure. This means [...]
Logo_logpoint.webp 2020-07-21 11:39:20 Detecting Tor with LogPoint (lien direct) By Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint On July 1, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), with contributions from the Federal Bureau of Investigation (FBI), published an advisory highlighting the risks associated with Tor, including technical details and mitigation recommendations. CISA and the FBI [...]
Logo_logpoint.webp 2020-07-21 11:39:20 Detecting Tor use with LogPoint (lien direct) By Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint On July 1, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), along with contributions from the Federal Bureau of Investigation (FBI), released an advisory highlighting risks associated with Tor, including technical details and mitigation recommendations. CISA and the FBI recommend that organizations assess their risk of compromise via Tor and [...]
Logo_logpoint.webp 2020-07-18 13:45:26 10th September – What benefits can organizations gain from a visionary SIEM? Webinar with Friedrich von Jagwitz (lien direct) Turning data into actionable information enables companies to handle cybersecurity threats efficiently. LogPoint is fully source-agnostic and can support most applications, including ready-to-use features such as dashboards, reports and alerts. Join our in-house webinar and learn more: How LogPoint enables accelerated detection and response to events in [...]
Logo_logpoint.webp 2020-07-18 10:38:08 Detecting Exim exploitation by Sandworm APT with LogPoint (lien direct) By Ivan Vinogradov, Solution Architect, LogPoint The Sandworm Team, a group of known threat actors, have exploited a vulnerability in the Exim Mail Transfer Agent. Associated with the Russian GRU agency since August 2019, Sandworm introduced the vulnerability CVE-2019-10149 in version 4.87 of the Exim software. Organizations can mitigate the vulnerability by implementing the appropriate patches, [...] Vulnerability Threat
Logo_logpoint.webp 2020-07-17 13:08:25 Machine Learning explained SIEMply (lien direct) By Guy Grieve, LogPoint Presales Manager, EMEA A key difference between computers and humans is that humans learn from their past experiences, or at least we claim that this is indeed the case. Machines, on the other hand, need strict instructions and must know exactly what to do and how to do it, relying on what [...]
Logo_logpoint.webp 2020-07-17 13:08:25 Explained SIEMply: Machine Learning (lien direct) By Guy Grieve, LogPoint Presales Manager, EMEA A key difference between the computer and the human is that humans learn from their past experiences, or at least we tell ourselves we do. Machines, on the other hand, need strict instructions and need to be told exactly what to do and how to do [...]
Logo_logpoint.webp 2020-07-17 07:47:49 Windows DNS servers: CVE-2020-1350 vulnerability (lien direct) by Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint For July's Patch Tuesday, Microsoft released a total of 123 fixes. Among them, 18 are critical and affect Windows Server and Office products. None of the bugs listed in this advisory is being exploited in the wild at the time we publish this [...]
Logo_logpoint.webp 2020-07-17 07:47:49 Detection of wormable RCE vulnerability in Windows DNS server (lien direct) by Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint For July's Patch Tuesday, Microsoft has released a total of 123 fixes. Among them, 18 are critical and impact Windows Server and Office products. None of the bugs listed on the advisory are being exploited in the wild at the time of release. The highlight of [...] Vulnerability
Logo_logpoint.webp 2020-07-08 07:19:23 (Déjà vu) Detecting the CVE-2020-5902 vulnerability with LogPoint (lien direct) by Bhabesh Rai, Associate Security Analytics Engineer, LogPoint On July 1, 2020, BIP-IP released security updates for a remote code execution vulnerability found in undisclosed pages of the Traffic Management User Interface (TMUI) of the BIG-IP application delivery controller (ADC). Critical TMUI RCE vulnerability An F5 vulnerability, tracked as CVE-2020-5902, could allow attackers to take full [...] Vulnerability
Logo_logpoint.webp 2020-07-08 07:19:23 (Déjà vu) Detecting the CVE-2020-5902 vulnerability with LogPoint (lien direct) by Bhabesh Rai, Associate Security Analytics Engineer, LogPoint On July 1, 2020, BIP-IP released security updates for a remote code execution vulnerability found in undisclosed pages of the Traffic Management User Interface (TMUI) of the BIG-IP application delivery controller (ADC). Critical TMUI RCE vulnerability An F5 vulnerability, tracked as CVE-2020-5902, could allow attackers to take full [...] Vulnerability
Logo_logpoint.webp 2020-06-03 08:30:55 Is your organization Working from Home? Here are the key actions for the administrator to enhance cybersecurity in a time of crisis (lien direct) By Ivan Vinogradov, Solution Architect, LogPoint During times of crisis, hackers take every opportunity to attack and exploit overwhelmed organizations. Users should take the obvious immediate steps to keep safe, like avoiding links in unknown emails, using strong passwords and only connecting to secure WiFi. But there are important steps to take at the infrastructure [...]
Logo_logpoint.webp 2020-05-20 14:54:48 Using LogPoint to mitigate CISA's routinely exploited vulnerabilities (lien direct) by Ivan Vinogradov, Solution Architect, LogPoint In a recent publication by Cybersecurity and Infrastructure Security Agency (CISA), a set of top exploited vulnerabilities between 2016 and 2020. The list of vulnerabilities included detailed descriptions, indicators of compromise (IOC), common vulnerabilities and exposures (CVE) IDs and mitigations. Even though there are no new threats in the [...]
Logo_logpoint.webp 2020-05-13 09:28:27 LogPoint Remote Working (lien direct) The "LogPoint Remote Working" webinar is now available on-demand. Fill out the form to access the webinar and learn how: With such large numbers of people working outside their office network security, it's more important than ever to ensure that remote workspaces are secure against cyberattacks. LogPoint's SIEM solution is tailored to solve increasing challenges faced by any [...]
Logo_logpoint.webp 2020-05-02 11:00:42 (Déjà vu) 18th June – LogPoint Modern SIEM in action. Protecting organizations from cyber threats by Jake McCabe (lien direct) Translating data into actionable intelligence enables organizations to manage cybersecurity threats efficiently. LogPoint is truly source agnostic, with support for most applications, including ready-to-use controls, such as dashboards, reports and alerts. In the session, you will learn: • How LogPoint provides accelerated detection and response to events in every application of the infrastructure. This means [...]
Logo_logpoint.webp 2020-04-30 10:03:46 LogPoint Applied Analytics (lien direct) The "LogPoint Applied Analytics" webinar is now available on-demand. Fill out the form to access the webinar and learn how: Applied Analytics provides insight into applications, medical journals, social welfare, insurances etc. in a simple reporting tool with an approval workflow for auditing, evaluation and organizational reporting. A complimentary add-on solution to LogPoint SIEM to ensure reports, workflow [...] Tool
Last update at: 2024-05-07 19:08:13