What is SQL Injection, and Why Is It Still Causing Issues?
We dive in for a deeper understanding of SQL injection (SQLi) and why the attack is still one of the most pervasive despite being two decades old.
Tried and True – SQL Injection Still a Leading Method of Cyber Attack
SQL injection (SQLi) remains one of the most pervasive attack vectors despite the fact that it’s also one of the oldest and most widely known.
Are We Saying Public Cloud is More Secure? We Just Might Be
Our 2017 Cloud Security Report shows that hybrid cloud implementations have a 141% higher rate of security incidents than pure public cloud environments.
Did you get all that? Recap of Cloud Security announcements at Microsoft Inspire 2017
Read our Microsoft Inspire 2017 Cloud Security highlights. Alert Logic summarizes all the amazing sessions we attended into a concise post.
Emergent PetrWrap Variant Analyzed: Internet Propagation and Recovery of Non-NTFS Victims
We have been digging deeper in the quest to better understand this emergent ransomware strain, PetrWrap, and how to recover data for Windows users.
The Curious Case of Alexsey Belan and 1.2 Billion Compromised Accounts
Most of the damage caused by Alexsey is concentrated between 2012 and 2013 and connects him to massive breaches at Yahoo, Evernote and Zappos, but we also have some key details behind his techniques.
WannaCry – A Propagation brought to you by EternalBlue and DoublePulsar
Learn about the WannaCry ransomware attack, which spread rapidly across 150 countries in 2017, impacting over 100,000 organizations. Discover how it used the EternalBlue exploit and DoublePulsar backdoor to propagate and the role of a ‘kill-switch’ that halted its spread. Explore practical tips on protecting your systems from similar threats, including patching vulnerabilities and strengthening network defenses.
Cutting Through the Noise to Find Web Application Attacks. Really!
It can be difficult to detect some web application attacks. Learn about new technology capabilities that help find them.
The Shadow Brokers (TSB) vs. Equation Group: Third Time is the Charm
Learn about how the Equation Group hacking toolset was taken and released by The Shadow Brokers.
Layering Protection in Your Azure Environment
We review best practices and native capabilities in Azure to help you protect your workloads running in the cloud.
Ironically Positive Fallout from Vault-7: Cisco Vault-7 CVE-2017-3881
A vulnerability affecting more than 300 different Cisco router SKUs was discovered by Cisco in WikiLeaks’ Vault-7 dump of classified CIA hacking tools and tactics utilized to gain unauthorized access to iPhone and Android devices.
Unfolding the Apache Struts Vulnerability
Protecting and monitoring against the Apache Struts vulnerability, a critical remote code execution flaw affecting newer Struts versions 2.3.5 – 2.3.31 and Struts 2.5 – 2.5.10.