Welcome to the May edition of the ExtraHop TL;DR! This is your place to get the highlights on what we're talking about this month. You can also watch our video broadcasts on the third Friday of every month on our LinkedIn page.
Man X Machine Special Edition: Shields Up
Two days after Russia began its military invasion of Ukraine, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a Shields Up warning for U.S.-based organizations. In this webinar, John Zangardi, former CIO for the U.S. Department of Homeland Security, former acting CIO for the U.S. Department of Defense, and former Navy CIO, joins a panel of experts to discuss how organizations can support their security teams during times of high alert.
Gartner®: How to Respond to the 2022 Cyberthreat Landscape
Sophisticated threat actors are playing by a new set of rules. Gain insight into the evolving cybersecurity threat landscape, understand the challenges in maturing an organization's security practices, and get detailed mitigation strategies security and risk management leaders can implement.
Dark Reading: Close the Visibility Gap
Broad adoption of encryption technologies is causing major shifts in the security operations and cyber threat landscape. Learn about the changes in attacker techniques, understand the challenges posed by encryption to SecOps teams, and retain the visibility needed for threat detection, investigation, and response.
Visit ExtraHop at RSA 2022
Heading to RSA this year? Stop by booth #1327 to chat with our team, see our live demo, pick up some cool swag, and enter to win a GoTrax electric scooter.
Threat of the Month: DNS Tunneling Attacks
DNS tunneling is a difficult-to-detect attack that routes DNS requests to the attacker's server, providing attackers a covert command and control channel, and data exfiltration path. Bad actors use DNS tunneling to get data through firewalls. Suspicious DNS traffic can be difficult to detect because DNS is a noisy protocol, making it harder to distinguish a normal host query and normal DNS traffic from malicious activity.
From the ExtraHop Blog
Take a look at some of our recent stories.
April Patch Tuesday Vulnerabilities: What You Need to Know
Microsoft recently released patches for 145 vulnerabilities for April's Patch Tuesday. Get detailed remediation strategies from this new list of exploits.
Beating Ransomware in the Midgame: Detection Best Practices 2022
Ransomware groups are using a new playbook. Learn how to stop them at their most vulnerable point—in the midgame.
In Other News
Read, watch, or listen to some interesting news from around the internet.
The Register: Mandiant says 2021 was a record year for exploited zero-day security bugs
According to Mandiant, the number of zero-day vulnerabilities exploited in the wild reached an all-time high last year, with most of these attacks coming from state-sponsored groups.
Early Discovery of Pipedream Malware a Success Story for Industrial Security
Cybersecurity professionals discovered, analyzed, and created defenses against an industrial control system (ICS) malware framework before it could be deployed.