Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Stolen Cookies Enabling Financial Fraud
Published: 09/26/2022

Originally published by Ericom here. Written by Nick Kael, CTO, Ericom Software. Multi-Factor Authentication (MFA) is one of the most frequently recommended best practices for securing data and applications, designed to prevent even cybercriminals who have compromised user credentials in hand fro...

The Ongoing Cyber Threat to Critical Infrastructure
Published: 09/26/2022

Originally published by Thales here. Written by Marcelo Delima, Senior Manager, Global Solutions Marketing, Thales. The effects of cyberattacks on critical infrastructure can be catastrophic. Security breaches in this sector can be incredibly disruptive to society and are attracting considerable at...

The Biggest Cloud and Web Security Concerns Today
Published: 09/24/2022
Author: Megan Theimer

With the continuation of remote work and newsworthy cyber attacks, organizations are struggling to adapt their overall security strategies to the changing landscape. To get a better understanding of the industry’s current attitudes regarding cloud and web security risks, Proofpoint commissioned C...

The Anatomy of Wiper Malware, Part 1: Common Techniques
Published: 09/21/2022

Originally published by CrowdStrike here. Written by Ioan Iacob and Iulian Madalin Ionita, CrowdStrike. This blog post is the first in a four-part series in which an Endpoint Protection Content Research Team will dive into various wipers discovered by the security community over the past 10 years...

3 Trends from Verizon’s 2022 Data Breach Investigations Report
Published: 09/21/2022

Originally published by Authomize here. Written by Gabriel Avner, Authomize. The Verizon Data Breach Investigations Report is essentially infosec’s report card. It comes out right before summer vacation and gives us an ~120 page snapshot of the state of security. The findings, much like my report...

The Chipmunks Are Coming: Appreciating the Motivation of Threat Actors
Published: 09/19/2022

Originally published by ShardSecure here. Written by Marc Blackmer, VP of Marketing, ShardSecure. I like birds, but more on them in a moment. At the point in time of our story, I’d worked from home for about 10 years, and the shine of my basement office had worn away. One summer, I thought it...

Cryptominer Detection: A Machine Learning Approach
Published: 09/15/2022

Originally published by Sysdig here. Written by Flavio Mutti, Sysdig. Cryptominers are one of the main cloud threats today. Miner attacks are low risk, low effort, and high reward for a financially motivated attacker. Moreover, this kind of malware can pass unnoticed because, with proper evasive ...

How Identifying UserData Script Manipulation Accelerates Investigation
Published: 09/12/2022

Originally published by Mitiga here. Written by Doron Karmi, Mitiga. UserData script manipulation by threat actors is a technique that has been known in the wild for several years and has been observed being exploited by many attack groups. Abuse of the AWS EC2 instance UserData attribute could l...

The Evolving Role of the SOC Analyst
Published: 08/30/2022

Originally published by LogicHub here. Written by Willy Leichter, Chief Marketing Officer, LogicHub. As the cyber threat landscape evolves, so does the role of the security operations center (SOC) analyst. Cybersecurity industry veteran and OneTrust VP of Security, Colin Henderson, says...

Revisiting the Idea of the "False Positive"
Published: 08/30/2022

Originally published by Gigamon here. Written by Joe Slowik, Principal Security Engineer, Applied Threat Research, Gigamon. Background One common refrain in security circles is the chore related to “false positive” alerts and detection results. The “false positive” alert correlates with security ...

Trends in Cybersecurity Breaches
Published: 08/25/2022

The complete blog was originally posted by Alert Logic on July 7, 2022. Written by Antonio Sanchez. You may be used to hearing that cyberattacks are becoming more widespread and destructive every year. Recent world events are underscoring the point. COVID-19 left a lasting mark on our working l...

Cloud Security is Broken but it Doesn’t Have to Be
Published: 08/23/2022

Originally published by Dazz here. Written by Tomer Schwartz, Co-founder & CTO, Dazz. Continuous Delivery is Here to Stay Development is in the cloud in a big way. Modern engineering teams have built continuous integration pipelines, pulling together code repositories, continuous integration platf...

Analyzing the Travis CI Attack and Exposure of Developer Secrets
Published: 08/23/2022

Originally published by Open Raven here. Written by Michael Ness, Security Researcher, Open Raven. Introduction The Continuous Integration (CI) platform Travis CI was recently the victim of a research-based attack, where researchers from Aqua Security were able to obtain approximately 73,000 sensitive...

Tales from the Dark Web: How Tracking eCrime’s Underground Economy Improves Defenses
Published: 08/22/2022

Originally published by CrowdStrike here. Written by Bart Lenaerts-Bergmans, CrowdStrike. Ransomware is not new; adversarial groups have relied on compromises for many years. However, over the past 2-3 years, their strategy has started to shift toward a more community based business model enabled...

Using AI/ML to Create Better Security Detections
Published: 08/19/2022

Originally published by LogicHub here. Written by Anthony Morris, Solution Architect, LogicHub. The blue-team challenge Ask any person who has interacted with a security operations center (SOC) and they will tell you that noisy detections (false positives) are one of the biggest challenges. There...

Google Workspace - Log Insights to Your Threat Hunt
Published: 08/16/2022

Originally published by Mitiga here. Written by Ariel Szarf and Lionel Saposnik, Mitiga. Google Workspace is a popular service for document collaboration for organizations and for individual users. Threat actors note that the popularity of this service has increased and search for ways to exp...

An Overview on the Modern, Cloud-Native SOC Platform
Published: 08/15/2022

Originally published by Panther here. Written by Mark Stone, Panther. For the modern security team, the concepts of Security Operations Center (SOC) and Security Information and Event Management (SIEM) are well known and have become increasingly crucial. To defend against the wide range of cyber ...

Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
Published: 08/11/2022

Originally published by CrowdStrike here. Written by Marina Simakov, CrowdStrike. Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. The PetitPotam vulnerability, combined with AD-CS relay, is one of the recent sev...

From the Front Lines | 8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts
Published: 08/09/2022

Originally published by SentinelOne here. Written by Tom Hegel, SentinelOne. Over the last month a crimeware group best known as 8220 Gang has expanded their botnet to roughly 30,000 hosts globally through the use of Linux and common cloud application vulnerabilities and poorly secured conf...

The Call Is Coming from Inside the House: Novel Exploit in VOIP Appliance
Published: 08/04/2022

Originally published by CrowdStrike here. Written by Patrick Bennett, CrowdStrike. CrowdStrike Services recently performed an investigation that identified a compromised Mitel VOIP appliance as the threat actor’s entry point. The threat actor performed a novel remote code execution exploit on the...
