Topic: detection rules
-
Uncover Hidden Secrets: Nosey Parker Finds Sensitive Data in Git & Text
Nosey Parker is an open-source command-line tool that finds sensitive information like passwords and API keys hidden in text files, serving as a specialized alternative to grep. Developed for offensive security, it is also used defensively to audit environments for accidental data leaks and has b...
Read More » -
ManageEngine Log360 Update Cuts SOC Alert Fatigue
Security operations centers are overwhelmed by excessive data and false alerts, which often obscure critical threats. ManageEngine's Log360 update introduces smarter threat detection, filtering out irrelevant alerts and reducing false positives by up to 90%. The platform includes a centralized de...
Read More » -
INC Ransomware Blunder Exposes Data of 12 US Organizations
An operational security lapse by the INC ransomware gang allowed forensic investigators to discover and access a persistent repository containing stolen, encrypted data from twelve unrelated U.S. organizations. The discovery was made by analyzing attacker infrastructure, which revealed the gang's...
Read More » -
The $400M Password Problem: Can You Get a New One?
A social engineering attack on Clorox, executed by impersonating employees and manipulating an outsourced service desk, led to an estimated $380 million in damages by exploiting weak password and MFA reset procedures. The breach caused severe operational disruptions, including halted production a...
Read More »