logging

Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies’ SharePoint server. …

After select US federal agencies tested Microsoft’s expanded cloud logging capabilities for six months, Microsoft is now making them available to all agencies using …

A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for …

CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. …

Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, …

Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those …

Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s …

Cybersecurity involves a balancing act between risk aversion and risk tolerance. Going too far to either extreme may increase cost and complexity, or worse: cause the …

Now that the dust has settled on both the holiday season and the Log4j vulnerability that saw many of us working through it (CVE-2021-44228), it makes sense to look back and …

Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular …

A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, …