SecurityWeek
Quarterly Security Patches Released for Splunk Enterprise
Splunk this week released a new set of quarterly patches, to address multiple vulnerabilities in Splunk Enterprise.
Cyber Security News
Multiple Splunk Vulnerabilities Attackers Bypass SPL Safeguards : Patch Now
Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk to organizations utilizing Splunk Enterprise and Splunk Cloud Platform.
Security Affairs
Splunk fixed high-severity flaw impacting Windows versions
Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw impacting Windows installs.
SecurityWeek
Splunk Patches Vulnerabilities in Enterprise Product
Splunk patches high-severity vulnerabilities in Enterprise, including an authentication token exposure issue.
SecurityWeek
Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence
Splunk has released patches for multiple high-severity vulnerabilities impacting Splunk Enterprise and IT Service Intelligence.
SecurityWeek
Critical Code Execution Vulnerability Patched in Splunk Enterprise
Splunk this week announced the release of out-of-band patches that address multiple vulnerabilities across Splunk Enterprise, including a critical issue that could lead to arbitrary code execution.
SecurityWeek
High-Severity Vulnerability Patched in Splunk Enterprise
The latest Splunk Enterprise releases patch multiple vulnerabilities, including a high-severity flaw in the Windows version.
SecurityWeek
Cisco Completes $28 Billion Acquisition of Splunk
Cisco (NASDAQ: CSCO) completed its $28 billion acquisition of Splunk, paying $157 per share in cash for the company.
SecurityWeek
Cisco to Acquire Splunk for $28 Billion
Cisco to acquire Splunk a deal valued at $28 billion to bolster its cybersecurity business and drive AI-enabled security and observability.
Cyber Security News
Splunk IT Service Intelligence Injection Flaw Let Attacker Inject ANSI Codes in Log Files
Splunk has been reported with a Unauthenticated Log injection vulnerability in the Splunk IT Service Intelligence (ITSI) product.
CSO
Splunk adds new security and observability features
New security and observability features will be added to Splunk Mission Control and its Observability Cloud to identify threats and incidents more efficiently, the company said.
Cyber Security News
Splunk RCE Vulnerability Let Attackers Upload Malicious File
A high-severity Remote Code Execution (RCE) flaw in Splunk Enterprise has been discovered, enabling an attacker to upload malicious files.
Computerworld
Splunk cuts 7% of workforce ahead of Cisco acquisition
The layoffs are happening in the wake of a market retraction, Splunk CEO Gary Steele said.
CyberSecurity Dive
Cisco looks to Splunk for security business growth
Security remains a small part of Cisco’s business, but Splunk could bolster the company’s ability to grow and improve other offerings.
CSO
Splunk unveils Attack Analyzer to automate malware, phishing attack analysis
Attack Analyzer integrates with Splunk SOAR to help security teams uncover complex attack techniques used to evade detection.
%20(3)%20(1).webp)
Cyber Security News
Splunk vs Cribl Lawsuit of Terms Violating Enterprise License
The Splunk-Cribl lawsuit is poised to go to trial, with both companies locking horns over alleged violations of enterprise license terms.
Cyber Security News
Splunk SOAR Unauthenticated Log Injection Let attackers Execute Malicious Code
An unauthenticated log injection vulnerability was discovered by Splunk which can allow threat actors to execute malicious codes.
SecurityWeek
Cisco Boosting Cybersecurity Capabilities With $28 Billion Splunk Acquisition
Cisco has entered into a definitive agreement to acquire data analysis and security company Splunk in a deal valued at $28 billion.
SecurityWeek
Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories
Intel, AMD, Zoom and Splunk released security advisories on Patch Tuesday to inform customers about vulnerabilities found in their products.
The Record
Cisco looks to expand its ‘AI-enabled security’ with $28 billion Splunk deal
Analytics and security software company Splunk is being acquired by networking-equipment giant Cisco for an estimated $28 billion in a deal announced Thursday.
CyberSecurity Dive
Cisco to buy Splunk for $28B
Forrester's Allie Mellen calls it a massive win for Cisco's security business, but said security leaders are concerned about potential SIEM quality degradation.
Computerworld
Splunk appoints Gary Steele as new CEO
The monitoring and security specialist has appointed the ex-Proofpoint CEO in the wake of the surprise departure of Doug Merritt last year.
CyberSecurity Dive
Cisco’s big bet on Splunk accelerates market shifts
The AI-equipped SIEM and observability market isn’t Cisco’s for the taking, as opportunities abound for other vendors to claim share.
.webp)
Cyber Security News
Cisco Completes Acquisition of Splunk for $28 Billion
This strategy in Cisco's journey to revolutionize how organizations leverage data to connect and protect every aspect of their operations.
Cyber Security News
Cisco Announced Acquisition of Splunk for a whopping $28B Mega Deal
Cisco is one of the largest and most successful tech companies in the world, with a market capitalization of $225 billion. Its net income of $12.6 billion in the last fiscal year further solidifies its position as a top leader in the industry.
CyberSecurity Dive
Splunk to cut 7% of staff in latest layoff round this year
CEO Gary Steele said the cuts, which largely impact employees in the U.S., are not related to Cisco's deal to acquire the company.
CyberSecurity Dive
AWS, Splunk lead open source effort to spot and curb cyberattacks
A broad group of 18 tech companies are collaborating to establish a less cumbersome model for cybersecurity defense coordination.
Infosecurity News
Fastest Ransomware Encrypts 100k Files in Four Minutes
Splunk warns that there’s little time to stop attacks once in progress
CyberSecurity Dive
Only one-third of firms deploy safeguards against generative AI threats, report finds
Generative AI gives attackers an edge over cyber defenders, according to a Splunk survey of security experts.
Cyber Security News
Best Data Security Solutions for Insurance Providers - 2024
Data Security Solutions for Insurance Providers: 1. Perimeter 81 2. Bitdefender 3. SecureWorks 4. Splunk 5. Symantec DLP 6. McAfee DLP
Cyber Security News
Best Unified Network Security Solutions for Small Businesses
Best Unified Network Security Solutions for Small Businesses. 1. Perimeter 81, 2. Snort, 3. OSSEC, 4. Wireshark, 5. Burp Suite, 6. Splunk.
Cyber Security News
20 Best Threat Hunting Tools - 2023
Best Threat Hunting Tools: 1. Splunk 2. CrowdStrike Falcon 3. YARA 4. SolarWinds 5. Rapid7 InsightIDR 6. Wireshark 7. Tcpdump 8. RITA.
.webp)
Cyber Security News
10 Best SIEM Tools for SOC Operations - 2023
Best SIEM Tools, solutions and Software: 1. Splunk 2. AlienVault 3. IBM QRadar 4. SolarWinds 5. FortiSIEM 6. McAfee 7. ManageEngine Log360.
DarkReading
Cloud Security Demand Drives Better Cyber-Firm Valuations — and Deals
Cisco's $28 billion purchase of Splunk was the biggest story, but there were other big security acquisitions and investments during a richer-than-expected quarter.
SecurityWeek
Analysis Shows How Fast Various Ransomware Strains Encrypt 100,000 Files
Splunk has compared the time it takes ten different ransomware strains to encrypt 100,000 files with a total size of 54 Gb.
DarkReading
Reasonable Valuations Drove Mergers and Acquisition Activity in Q3, 2023
Cisco's $28 billion purchase of Splunk was the biggest story, but other security majors made strategic acquisitions as well in a better-than-expected quarter.
Cyber Security News
Top 15 Best Security Incident Response Tools In 2023
Best Incident Response Tools - Free & Paid: 1. ManageEngine 2. CrowdStrike Falcon Insight XDR 3. SolarWinds 4. IBM QRadar 5. Splunk
-1-1.webp)
Cyber Security News
Top 10 Best SaaS Security Tools
Top 10 Best SaaS Security Tools. 1. DoControl, 2. Splunk, 3. Zscaler, 4. Qualys, 5. Proofpoint, 6. Veracode, 7. Okta, 8. Trend Micro.
DarkReading
New Cross-Industry Group Launches Open Cybersecurity Framework
Eighteen companies, led by Amazon and Splunk, announced the OCSF framework to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.
Cyber Security News
Top 10 Best Insider Risk Management Platforms - 2023
Best Insider Risk Management Platforms. 1. DoControl 2.ActivTrak 3. Elevate Platform 4. Splunk 5.Varonis 6.Forcepoint 7.Securonix 8. Observe It 9. Exabeam 10.LogRhythm
Bleeping Computer
CISA releases tool to review Microsoft 365 post-compromise activity
The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments.
CyberSecurity Dive
Cisco to buy open source multicloud security vendor Isovalent
The deal for the company behind eBPF and Cilium follows Cisco’s blockbuster $28 billion agreement to acquire Splunk.
Security Affairs
Experts found critical RCE in Spotify’s Backstage
Researchers discovered a critical vulnerability impacting Spotify’s Backstage Software Catalog and Developer Platform. Researchers from the security firm Oxeye discovered a critical Remote Code Execution in Spotify’s Backstage (CVSS Score of 9.8). Backstage is Spotify’s open-source platform for building developer portals, it’s used by a several organizations, including American Airlines, Netflix, Splunk, Fidelity Investments and Epic Games. […]
Cyber Security News
Researchers Uncover SnakeKeylogger Attacks, Techniques & Tactics
Threat actors use keyloggers to capture sensitive information, as covert techniques and tactics allow them to steal valuable information.
Bleeping Computer
Ten notorious ransomware strains put to the encryption speed test
Researchers have conducted a technical experiment, testing ten ransomware variants to determine how fast they encrypt files and evaluate how feasible it would be to timely respond to their attacks.
SecurityWeek
In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware
Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar
SecurityWeek
Google Announces New Chrome and Chrome OS Security Features for Enterprises
Google has announced some new Chrome and Chrome OS features that should help enterprises improve security.
DarkReading
Securonix Secures Over $1B in Growth Investment From Vista Equity
Deal is the second one topping $1 billion since November and sets the stage for what could be another record-breaking year for investment in the cybersecurity industry.
SecurityWeek
In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit
Noteworthy stories that might have slipped under the radar: top law firm hacked, Chinese bank pays ransom, PyPI conducts first security audit
Infosecurity News
Half of CISOs Now Report to CEO as Influence Grows
Trend is more pronounced in Europe than America
Cyber Security News
10 Best Cloud Security Tools - 2023
Best Cloud Security Tools and software -1. Cloudflare 2. Zerospam 3. CrowdStrike Falcon 4. QualysSplunk Enterprise 5. Centrify 6. CyberArk
SecurityWeek
Virtual Event Today: 2023 Cloud & Data Security Summit
SecurityWeek's Cloud & Data Security Summit is a fully immersive 3D virtual event will take place on Wednesday, July 19th from 11AM – 4PM ET.
SecurityWeek
In Other News: 100,000 Affected by CISA Breach, Microsoft AI Copilot Ban, Nuclear Site Prosecution
CISA hack could impact 100,000 people, Microsoft AI Copilot banned by US House, UK nuclear site prosecution.
SecurityWeek
Cybersecurity M&A Roundup for November 1-15, 2022
Twenty-one cybersecurity-related merger and acquisition (M&A) deals were announced in the first half of November 2022.
Cyber Security News
Palo Alto Networks Buys IBM’s QRadar
In a major move to bolster its cloud security offerings, Palo Alto Networks announced today that it has agreed to purchase the QRadar .
The Hacker News
Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
Researchers at G DATA have exposed a scheme dubbed "gitgub" on GitHub, where 17 repositories were delivering the information stealer, RisePro.
SecurityWeek
VISO Trust Raises $11 Million for Cyber Risk Management Platform
Third-party cyber risk management solutions provider VISO Trust this week announced that it has raised $11 million in Series A funding, which brings the total investment in the company to $14 million.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 1)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
CyberSecurity Dive
LastPass aftermath leaves long to-do list for business customers
Organizations using the password manager are exposed after a major breach compromised credentials and, potentially, business secrets.
SecurityWeek
Armis Acquires Silk Security for $150 Million
Armis has acquired cyber risk prioritization and remediation company Silk Security for $150 million.
Cyber Security News
Phemedrone Stealer Exploits Windows SmartScreen Flaw to Steal Sensitive Data
Phemedrone Stealer, a sophisticated malware that exploits a vulnerability in Microsoft Windows Defender SmartScreen, CVE-2023-36025.
SecurityWeek
Zoom Paid Out $10 Million via Bug Bounty Program Since 2019
Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019.
SecurityWeek
CISA Creates List of Free Cybersecurity Tools and Services for Defenders
CISA has compiled a list of free cybersecurity services and tools that can help organizations reduce risk and improve resilience.
SecurityWeek
Airbus to Buy German Cybersecurity Firm Infodas
Airbus Defence and Space is set to acquire Infodas, a Germany-based company that boasts €50 million revenue.
SecurityWeek
Investors Double Down on Pangea Cyber API Security Bet
The $26 million Series B brings the total raised by Pangea to $51 million and underscores a push by venture capital investors to bet on companies in the API security category.
SecurityWeek
IBM Acquiring HashiCorp for $6.4 Billion
IBM is acquiring HashiCorp for $6.4 billion for its infrastructure lifecycle management and security lifecycle management capabilities.
DarkReading
CardinalOps Launches MITRE ATT&CK Security Layers for Measuring Detection Posture
Enables enterprises to operationalize MITRE ATT&CK and build a multi-layered, threat-informed defense to eliminate gaps based on organizational risk and priorities.
SecurityWeek
Airbus Pulls Out of Deal to Buy Atos Cybersecurity Unit
Atos shares tank after Airbus decides not to move ahead with discussions to acquire its cybersecurity business.
SecurityWeek
Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam
Financial terms were not released but it's likely a hefty price tag with Exabeam’s most recent valuation pegged at $2.5 billion.
Infosecurity News
Okta Investigates Possible Lapsus Breach
Concerns rise that ransomware group used access to target customers
SecurityWeek
Zoom Patches Critical Vulnerability in Windows Applications
Zoom patches seven vulnerabilities in its products, including a critical-severity bug in its Windows applications.
ZDNet
Deloitte launches new SaaS cyber threat detection and response platform | ZDNet
AWS, CrowdStrike, Exabeam, and Google Cloud Chronicle are operationalizing the new platform.
SecurityWeek
Cisco Announces It is Laying Off Thousands of Workers
Cisco is cutting thousands of jobs as part of a restructuring plan, the computer networking giant announced Feb. 14.
SecurityWeek
Akamai to Acquire API Protection Startup Noname Security for $450 Million
Akamai has announced plans to acquire Noname Security for $450 million to enhance its API protection offering.
SecurityWeek
Cybersecurity M&A Roundup: 35 Deals Announced in November 2022
Thirty-five cybersecurity-related merger and acquisition (M&A) deals were announced in November 2022.
Security Affairs
CISA compiled a list of free cybersecurity tools and services
The U.S. CISA has created a list of free cybersecurity tools and services that can help organizations increase their resilience. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced this week that it has compiled a list of free cybersecurity tools and services that can help organizations to reduce cybersecurity risk and increase resilience. The […]
SecurityWeek
Intel Publishes 41 Security Advisories for Over 90 Vulnerabilities
Intel has published 41 new May 2024 Patch Tuesday advisories covering a total of more than 90 vulnerabilities.
Infosecurity News
Ransomware Actors Embrace Intermittent Encryption
New technique makes for faster encryption and improved evasion
Infosecurity News
#BHUSA: New Open Source Group Set to Streamline Threat Detection
New open source project set to reduce operational pain for SecOps analysts
Bleeping Computer
Criminal IP Teams Up with PolySwarm to Strengthen Threat Detection
The addition of Criminal IP as a new contributor to PolySwarm's malicious URL detection represents a significant leap in specialized threat identification. Learn more from Criminal IP about this new collaboration.
Bleeping Computer
CISA compiles list of free cybersecurity tools and services
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a list of free cybersecurity services and tools to help organizations increase their security capabilities and better defend against cyberattacks.
SecurityWeek
Cisco Unveils AI-Native Enterprise Security Solution Hypershield
Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities.
SecurityWeek
Vulnerability Found in Fluent Bit Utility Used by Major Cloud, Tech Companies
Linguistic Lumberjack (CVE-2024-4323) is a vulnerability in the Fluent Bit utility that can allow DoS, information disclosure and RCE.
SecurityWeek
Pangea Lands $25 Million Investment for API Security Services
Pangea Cyber, an early-stage startup working on technology to help developers add security and compliance features to applications, has landed $25 million in venture capital financing
CyberSecurity Dive
AWS builds a lake for multivendor security data sharing
Security data is scattered and often stored in fragments from multiple sources. AWS wants to centralize that in a single data lake.
SecurityWeek
Cybersecurity M&A Roundup: 28 Deals Announced in September 2023
Twenty-eight cybersecurity-related merger and acquisition (M&A) deals were announced in September 2023, fewer than last month
Cyber Security News
Citrix UberAgent Vulnerability Allows Attackers To Escalate Privileges
Citrix's uberAgent, a sophisticated monitoring tool used to enhance performance and security across Citrix platforms, has been identified as having a critical vulnerability.
CyberSecurity Dive
Most CISOs confront ransomware — and pay ransoms
The number of ransomware attacks organizations face has a direct correlation with the frequency with which ransoms are paid.
Infosecurity News
Ransomware Fallout Costs Seven Times the Ransom Paid
Check Point analysis highlights need for well-planned incident response
The Hacker News
Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws
September 2023 Patch Tuesday — Microsoft addresses 59 bugs, including actively exploited zero-day flaws
DarkReading
Cisco Bets Big on Multicloud Security With Isovalent Deal
Cisco says Isovalent will help expand the capabilities of Security Cloud, an AI-driven, cloud-delivered, integrated security platform.
SecurityWeek
SecurityWeek Analysis: Cybersecurity M&A Dropping, Over 400 Deals Announced in 2023
An analysis conducted by SecurityWeek shows that 413 cybersecurity-related mergers and acquisitions were announced in 2023.
The Cyber Express
Top 25 Cybersecurity CEOs to Watch in 2024
In an era marked by relentless technological evolution and the omnipresence of cyber threats, the role of cybersecurity professionals has
Bleeping Computer
Hackers use fake OnlyFans pics to drop info-stealing malware
A malware campaign is using fake OnlyFans content and adult lures to install a remote access trojan known as 'DcRAT,' allowing threat actors to steal data and credentials or deploy ransomware on the infected device.
Bleeping Computer
Criminal IP and Tines Forge Powerful Tech Alliance
Criminal IP, a leading Cyber Threat Intelligence search engine, has formed a powerful alliance with Tines, a renowned provider of no-code automation solutions.
Bleeping Computer
Researchers release exploit details for Backstage pre-auth RCE bug
Older versions of the Spotify Backstage development portal builder are vulnerable to a critical (CVSS score: 9.8) unauthenticated remote code execution flaw allowing attackers to run commands on publicly exposed systems.
The Hacker News
Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software
Microsoft just released software updates to fix over 70 security vulnerabilities.
CSO
AuditBoard adds new AI and analytics capabilities for risk and compliance
With the new AI algorithms, organizations will be able to streamline audit workflows and automate various risk management and compliance programs.
Bleeping Computer
Criminal IP & Cisco SecureX/XDR: Enhanced Cyber Threat Analysis
The Criminal IP threat intelligence search engine by AI SPERA has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors. Learn more about this integration from Criminal IP in this article.
Bleeping Computer
Criminal IP Becomes VirusTotal IP and URL Scan Contributor
The Criminal IP Threat Intelligence (CTI) search engine has integrated its IP address and URL scans into VirusTotal. Learn more from Criminal IP about how this integration can help you.
Loading more articles....