Connect with us

Cyber Security

Built In Honors LogRhythm in its Esteemed 2021 Best Places To Work…

Avatar

Published

on

LogRhythm, the company powering today’s security operations centers (SOCs), announced it has been honored on Built In’s 2021 list of the 100 Best Places To Work in Colorado. The annual awards recognize companies of all sizes, from startups to the enterprise, in the eight largest technology markets and nationally.

“Employee engagement has always been important to LogRhythm. Given the challenges in 2020, we doubled down on efforts to support our employees as much as possible,” said Melissa Garza, vice president of human resources at LogRhythm. “Transparent communication from leadership and initiatives focusing on diversity, equity and inclusion — as well as healthy minds — took priority. No matter what the future holds, these employee-centric programs will remain a priority.”

Technology professionals rely on Built In’s Best Places to Work lists to discover employers that align with their preferences, passions and values. Built In develops the lists based on an algorithm, using company data about compensation, benefits and cultural programs. To reflect the attributes candidates are searching for on Built In today, this year’s program weighted certain criteria more heavily, like remote opportunities and programs for diversity, equity and inclusion.

“These companies raise the bar for cultural excellence and the ability to adapt to meet changing needs of employees,” says Sheridan Orr, Chief Marketing Officer, Built In. “The 2021 winners show a commitment not just to creating meaningful cultures but to delivering talent needs as they change in a dynamic landscape. We’re thrilled to extend our congratulations to the winners.”

LogRhythm is currently hiring for positions in several departments, including product, sales, finance and operations, all of which can be found on the company’s Built In Colorado page. To learn more about LogRhythm, please visit the website.

About Built In

Built In, a revolution in tech recruitment, serves more than 1,800 innovative companies of all sizes, from startups to the enterprise, delivering content and digital recruitment solutions that work. The platform amplifies companies’ brands as national, local or remote employers of choice, as well as leaders in DEI. Monthly, 2.5 million tech professionals rely on Built In to stay up on trends, grow in their roles and discover companies with missions they want to join. The platform publishes stories about companies’ tech, culture and people. This activates sought-after professionals to apply to customers’ open roles. https://www.builtin.com

About Built In’s Best Places To Work
Built In’s esteemed Best Places to Work awards, now in its third year, honor companies across numerous categories: 100 Best Places to Work, 50 Best Small Places to Work, 100 Best Midsize Places to Work, 50 Companies with the Best Benefits and 50 Best Paying Companies. Two new national categories reflect what candidates are searching for, including 100 Best Large Companies to Work For and 50 Best Remote-First Places to Work.

Best Places To Work: Methodology

Built In ranks companies algorithmically based on compensation information, benefits and culture programs. This year, based on data showing tech professionals’ needs, the Best Places to Work algorithm added weight to companies’ commitment to DEI and remote culture. Rank is determined by combining a company’s score in each of these categories.

About LogRhythm

LogRhythm’s award-winning NextGen SIEM Platform delivers comprehensive security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralization of threats. Built by security professionals for security professionals, LogRhythm enables security professionals at leading organizations NASA, Xcel Energy and Temple University to promote visibility for their cybersecurity program and reduce risk to their organization each and every day. LogRhythm is the highest-ranked provider for customer satisfaction in G2 Research’s grid report for SIEM. To learn more, please visit logrhythm.com.

Share article on social media or email:

Source: https://www.prweb.com/releases/built_in_honors_logrhythm_in_its_esteemed_2021_best_places_to_work_awards/prweb17674921.htm

AI

SolarWinds Hackers Targeted Cloud Services as a Key Objective 

Avatar

Published

on

The SolarWinds attackers appear to have as a primary objective the compromise the authentication method for cloud services, with far-reaching implications. (Credit: Getty Images).   

By John P. Desmond, AI Trends Editor 

The SolarWinds hackers appeared to have targeted cloud services as a key objective, potentially giving them access to many, if not all, of an organization’s cloud-based services.  

Christopher Budd, independent security expert

This is from an account in GeekWire written by Christopher Budd, an independent security consultant who worked previously in Microsoft’s Security Response Center for 10 years.  

“If we decode the various reports and connect the dots we can see that the SolarWinds attackers have targeted authentication systems on the compromised networks, so they can log in to cloud-based services like Microsoft Office 365 without raising alarms,” wrote Budd. “Worse, the way they’re carrying this out can potentially be used to gain access to many, if not all, of an organization’s cloud-based services.”  

The implication is that those assessing the impact of the attacks need to look not just at their own systems and networks, but also at their cloud-based services for evidence of compromise. And it means that defending against attacks means increasing the security and monitoring of cloud services authentication systems, “from now on.”  

Budd cited these key takeaways: 

  • After establishing a foothold in a network, the SolarWinds attackers target the systems that issue proof of identity used by cloud-based services; and they steal the means used to issue IDs; 
  • Once they have this ability, they are able to create fake IDs that allow them to impersonate legitimate users, or create malicious accounts that seem legitimate, including accounts with administrative access;  
  • Because the IDs are used to provide access to data and service by cloud-based accounts, the attackers are able to access data and email as if they were legitimate users.

SAML Authentication Method for Cloud Services Seen Targeted 

Cloud-based services use an authentication method called Security Assertion Markup Language (SAML), which issues a token that is “proof” of the identity of a legitimate user to the services. Budd ascertained, based on a series of posts on the Microsoft blog, that the SAML service was targeted. While this type of attack was first seen in 2017, “This is the first major attack with this kind of broad visibility that targets cloud-based authentication mechanisms,” Budd stated. 

In response to a question Budd asked Microsoft, on whether the company learned of any vulnerabilities that led to this attack, he got this response: “We have not identified any Microsoft product or cloud service vulnerabilities in these investigations. Once in a network, the intruder then uses the foothold to gain privilege and use that privilege to gain access.” 

A response from the National Security Administration was similar, saying the attackers, by “abusing the federated authentication,” were not exploiting any vulnerability in the Microsoft authentication system, “but rather abusing the trust established across the integrated components.” 

Also, although the SolarWinds attack came through a Microsoft cloud-based service, it involved the SAML open standard that is widely used by vendors of cloud-based services, not just Microsoft. “The SolarWinds attacks and these kinds of SAML-based attacks against cloud services in the future can involve non-Microsoft SAML-providers and cloud service providers,” Budd stated. 

American Intelligence Sees Attack Originating with Russia’s Cozy Bear 

American intelligence officials believe the attack originated from Russia. Specifically, according to a report from The Economist, the group of attackers known as Cozy Bear, thought to be part of Russia’s intelligence service, were responsible. “It appears to be one of the largest-ever acts of digital espionage against America,” the account stated.  

The attack demonstrated “top-tier operational tradecraft,” according to FireEye, a cyber-security firm that also was itself a victim.  

America has tended to categorize and respond to cyber-attacks happening over the last decade according to the aims of the attackers. It has regarded intrusions intended to steal secretsold-fashioned espionageas fair game that the US National Security Agency is also engaged in. But attacks intended to cause harm, such as the North Korea assault on Sony Pictures in 2014, or China’s theft of industrial secrets, are viewed as crossing a line, the account suggested. Thus, sanctions have been imposed on many Russian, Chinese, North Korean and Iranian hackers.   

The Solar Winds attack seems to have created its own category. “This effort to stamp norms onto a covert and chaotic arena of competition has been unsuccessful,” the Economist account stated. “The line between espionage and subversion is blurred.”  

One observer sees that America has grown less tolerant of “what’s allowed in cyberspace” since the hack of the Officer of Personnel Management (OPM) in 2015. That hack breached OPM networks and exposed the records of 22.1 million related to government employees, others who had undergone background checks, and friends and family. State-sponsored hackers working on behalf of the Chinese government were believed responsible.   

“Such large-scale espionage “would be now at the top of the list of operations that they would deem as unacceptable,” stated Max Smeets of the Centre of Security Studies in Zurich. 

“On-Prem” Software Seen as More Risky 

The SolarWinds Orion product is installed “on-prem,” meaning it is installed and run on computers on the premises of the organization using the software. Such products carry security risks that IT leadership needs to carefully evaluate, suggested a recent account in eWeek 

William White, security and IT director, BigPanda

The SolarWinds attackers apparently used a compromised software patch to gain entry, suggested William White, security and IT director of BigPanda, which offers AI software to detect and analyze problems in IT systems. “With on-prem software, you often have to grant elevated permissions or highly privileged accounts for the software to run, which creates risk,” he stated.    

Because the SolarWinds attack was apparently executed through a software patch, “Ironically, the most exposed SolarWinds customers were the ones that were actually diligent about installing Orion patches,” stated White.  

Read the source articles in GeekWirefrom The Economist and in eWeek.

Source: https://www.aitrends.com/security/solarwinds-hackers-targeted-cloud-services-as-a-key-objective/

Continue Reading

Cyber Security

Tax Season Ushers in Quickbooks Data-Theft Spike

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/tax-quickbooks-data-theft/164253/

Continue Reading

Cyber Security

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/mozilla-firefox-bugs-cookie-tracking/164246/

Continue Reading

Cyber Security

VMWare Patches Critical RCE Flaw in vCenter Server

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Source: https://threatpost.com/vmware-patches-critical-rce-flaw-in-vcenter-server/164240/

Continue Reading
NEWATLAS1 hour ago

NIH study confirms SARS-CoV-2 reinfections are relatively rare

NEWATLAS2 hours ago

Land Rover drops a V8 into fastest, most powerful Defender ever

AI2 hours ago

Using container images to run TensorFlow models in AWS Lambda

AI2 hours ago

IBM Reportedly Retreating from Healthcare with Watson 

AI2 hours ago

SolarWinds Hackers Targeted Cloud Services as a Key Objective 

AI2 hours ago

RAND Corp. Finds DoD “Significantly Challenged” in AI Posture 

AI3 hours ago

Tesla Working on Full Self-Driving Mode, Extending AI Lead 

Bioengineer3 hours ago

UM scientists achieve breakthrough in culturing corals and sea anemones cells

Bioengineer3 hours ago

CAR T-cell therapy generates lasting remissions in patients with multiple myeloma

AI3 hours ago

Asimov’s Three Laws Of Robotics And AI Autonomous Cars 

Bioengineer3 hours ago

Bearded seals are loud — but not loud enough

Bioengineer3 hours ago

Study finds human-caused North Atlantic right whale deaths are being undercounted

Nano Technology3 hours ago

A speed limit also applies in the quantum world: Study by the University of Bonn determines minimum time for complex quantum operations

180-degree-capital-corp-reports-6-7-growth-in-q4-2020-9-28-net-asset-value-per-share-as-of-december-31-2020-and-developments-from-q1-2021-including-expected-investment-in-a-planned-spac-sponsor.gif
Nano Technology3 hours ago

180 Degree Capital Corp. Reports +6.7% Growth in Q4 2020, $9.28 Net Asset Value per Share as of December 31, 2020, and Developments from Q1 2021 Including Expected Investment in a Planned SPAC Sponsor

cea-leti-dolphin-design-report-fd-soi-breakthrough-that-boosts-operating-frequency-by-450-and-reduces-power-consumption-by-30-joint-paper-presented-at-isscc-2021-shows-how-new-adaptive-back-biasing.jpg
Nano Technology3 hours ago

CEA-Leti & Dolphin Design Report FD-SOI Breakthrough that Boosts Operating Frequency by 450% and Reduces Power Consumption by 30%: Joint Paper Presented at ISSCC 2021 Shows How New Adaptive Back-Biasing Technique Overcomes Integration Limits in Chip Design Flows

Amb Crypto3 hours ago

Global crypto population surpasses 100 million; Boomers and Gen X now ‘keen on Bitcoin’

Bioengineer3 hours ago

New shape-changing 4D materials hold promise for morphodynamic tissue engineering

Bioengineer3 hours ago

Parker Solar Probe offers stunning view of Venus

NEWATLAS4 hours ago

Barley growing conditions found to affect whisky characteristics

Energy4 hours ago

Energy Transition Jobs: PG&E, Nexus Power Group, Breakthrough Energy Ventures, and more

Cyber Security4 hours ago

Tax Season Ushers in Quickbooks Data-Theft Spike

Bioengineer5 hours ago

Embracing our excremental selves

Bioengineer5 hours ago

Over 80% of Atlantic Rainforest remnants have been impacted by human activity

Bioengineer5 hours ago

‘Miracle poison’ for novel therapeutics

Cyber Security5 hours ago

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Bioengineer5 hours ago

Rediscovered journal brings unique perspective on Atlantic slave trade

SPACS5 hours ago

Video: The Case for Why Clover Health Stock is Headed to Zero

Amb Crypto5 hours ago

Why Cardano’s price recovery is more organic than reflexive

Bioengineer5 hours ago

Strengthened by chaos, new super-hard materials will stir steel together

Automotive6 hours ago

SpaceX rapidly builds, tests Starship Moon elevator for NASA

Trending