SSH
After Brief Exposure in Public Repo, GitHub Rotated Private SSH Key
In an attempt to get ahead of fallout from the exposure of its private SSH key in a public repository, the software development platform GitHub proactively rotated its host key last week ...
Extending NDR visibility in AWS IaaS
By Vijit Nair, Sr. Director, Product Management, Corelight Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams ...
Securing SSH Keys in Multicloud Operations
Secure Shell, or SSH, keys have become a go-to authentication tool, especially as we continue to adopt and adapt to distributed IT and remote working environments that demand robust access controls. But ...
Guardicore Discovers SSH Targeting Botnet: Telecom Infrastructure A Target (Along With Financial Systems)
via Ophir Harpaz, writing at the Guardicore Blog comes highly concerning news of a nascent SSH botnet discovery by the security professionals at Guardicore, dubbed FritzFrog. Today's Must Read! ...
Corelight Splunk App update: new dashboard and data
By Roger Cheeks, US-East Sales Engineer, Corelight In support of Corelight’s latest software release, v19, we are pleased to launch our newest installment of the Corelight App for Splunk (Corelight App) and ...
The light shines even brighter: Updates to Corelight’s Encrypted Traffic Collection
By Vince Stoffer, Senior Director, Product Management, Corelight With Corelight’s latest software release, v19, we are excited to announce the expansion of our Encrypted Traffic Collection (ETC). The ETC was introduced in ...
Analyzing Encrypted RDP Connections
By Anthony Kasza, Corelight Security Researcher Microsoft’s Remote Desktop Protocol (RDP) is used to remotely administer systems within Windows environments. RDP is everywhere Windows is and is useful for conducting remote work ...
Start the Year Right with a Security and Privacy Check Up
At some point in the past, I began making new year’s resolutions for doing a bit of personal privacy and security maintenance on New Year’s Day or thereabouts. I would usually have ...
Using AWS Session Manager with Enhanced SSH and SCP Capability
Last year, Amazon Web Services announced new capabilities in the AWS Systems Manager Session Manager. Users are now capable of tunneling SSH (Secure Shell) and SCP (Secure Copy) connections directly from a ...
Best of both worlds: automated cloud access management and incident response
Cloud adoption has done a lot of good for businesses in driving innovation, agility, and scale. But as organizations adopt cloud services into their IT infrastructure, their security teams are facing a ...