Collaborate Disseminate
Elastic announced Elastic Security now offers expanded cloud detection and response (CDR) capabilities from a single SIEM to reduce tool fragmentation and streamline cloud security. The additional features include agentless ingestion, cloud asset inven… Continue reading Elastic expands cloud detection and response capabilities from a single SIEM
In this Help Net Security video, Jake King, Head of Threat & Security Intelligence at Elastic, discusses the key findings from the 2024 Elastic Global Threat Report. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), in… Continue reading Adversarial groups adapt to exploit systems in new ways
Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike and Meta… Continue reading Cybercriminals capitalize on poorly configured cloud environments
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (CVE… Continue reading Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortani… Continue reading Infosec products of the month: August 2024
Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, and EndorLabs. Rapid7 releases Command Platform, unified attack defense and res… Continue reading New infosec products of the week: August 9, 2024
Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import. This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom d… Continue reading Elastic automates SIEM data onboarding with Automatic Import
Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multi… Continue reading Researchers unearth MotW bypass technique used by threat actors for years
In this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies’ exposure to new security risks and vulnerabilities as they rush to deploy LLMs. King explains how LLMs pose significant r… Continue reading How companies increase risk exposure with rushed LLM deployments
Elastic has announced that Search AI will replace the traditional SIEM with an AI-driven security analytics solution for the modern SOC. Powered by the Search AI platform, Elastic Security is replacing largely manual processes for configuration, invest… Continue reading Elastic’s Search AI to transform SOCs with AI-driven SIEM solutions