Tag: IDS

Threat Stack Intrusion Detection System

Posted on March 24, 2021 by Liquid Web | Updated: September 29, 2021

Category: Tutorials | Tags: Audit, Backups, Code Analysis, Common Questions, Compliance, Compromise, Compromised Website, Content Security Policy, Data Leak, Diagnostics, Encryption, Fail2Ban, File Permissions, Firewall, Hacking, HIPAA, IDS, Intrusion, Intrusion Detection, Intrusion Detection System, Least Privilege, Linux, LUKS, Lynis, Malware, Passphrase, Password, Password Policy, PCI, PCI Compliant, Pen testing, Permissions, Remote Code Execution, Root, Scripts, Security, Security Policy, Security Practices, Server, SFTP, SQL Injection, SSH, SSH Keys, SSL, Threat, Threat Stack, Tool, Ubuntu, VPN, Vulnerability

Reading Time: 5 minutes

Introduction

This article will review some of the more technical aspects of Threat Stack. Threat Stack is a platform-independent intrusion detection system (IDS) designed to provide users with a unique view into various integrated server security functions. It monitors both Linux and Windows servers as well as Kubernetes or other container-based server infrastructures to observe behaviors and detect malicious, uncommon, and risky activity.

Continue reading →

Microsoft Exchange Server Security Update

Posted on March 16, 2021 by David Singer | Updated: September 29, 2021

Category: Security Bulletins | Tags: Alert, Alert Logic, Audit, Backups, Common Questions, Compliance, Compromise, Compromised Server, Content Security Policy, Data Leak, Diagnostics, Encryption, File Permissions, Firewall, Hacking, HIPAA, IDS, Intrusion, Intrusion Detection, Intrusion Detection System, Least Privilege, Malware, Microsoft, Microsoft Exchange, Microsoft Exchange Vulnerability, Remote Code Execution, Scripts, Security, Security Policy, Security Practices, Server, Threat, Threat Stack, Tool, Vulnerability, Windows, Windows Server

Reading Time: 4 minutes

Introduction

In this article, we provide updated information concerning the ongoing threat posed by the malware directed at Microsoft Exchange Servers noted in CVE-2021-26855. We also furnish the steps needed to update and secure your Microsoft Exchange Server. In a recent post, the Cybersecurity & Infrastructure Security Agency posted a priority security advisory regarding the recent Microsoft Exchange Server vulnerability. They state:

Continue reading →

What is SIEM? WPSiteSync

Posted on March 4, 2021 by David Singer | Updated: September 29, 2021

Category: Tutorials | Tags: Audit, Backups, Code Analysis, Common Questions, Compliance, Compromise, Compromised Website, Content Security Policy, Data Leak, Diagnostics, Encryption, Fail2Ban, File Permissions, Firewall, Hacking, HIPAA, IDS, Least Privilege, Linux, LUKS, Lynis, Malware, Passphrase, Password, Password Policy, PCI, PCI Compliant, Pen testing, Permissions, Remote Code Execution, Root, Scripts, Security, Security Policy, Security Practices, Server, SFTP, SQL Injection, SSH, SSH Keys, SSL, Tool, Ubuntu, VPN, Vulnerability

Reading Time: 4 minutes

Security Information and Event Management (or SIEM) is a subset of the computer security field, where applications and services join forces with security event management and security information management. When united, these disciplines provide significantly improved real-time statistical data and threat analysis of alerts generated by the related applications. The 2021 Internet Security Threat Report from Sophos denotes that are not only the number of attacks on the rise but also the diverse nature of methodologies and vectors of incursions used. This necessitates the fact that adding a SIEM is especially warranted at this time.

Continue reading →