BREAKING: In major copyright battle between tech giants, SCOTUS sides w/ Google over Oracle, finding that Google didnt commit copyright infringement when it reused lines of code in its Android operating system. The code came from Oracle's JAVA SE platform. supremecourt.gov/opinions/20pdf…

Excited that Elastic is a sponsor of HackerOne Internet Bug Bounty, rewarding vulnerability research into widely used Open Source Software projects.

Elastic Security Announcement re: Apache Log4j2 CVE 2021-44228 discuss.elastic.co/t/apache-log4j…

Excited to share a summary of CVE-2021-44228, working alongside Samir and the Elastic security team. Thanks to Tony Meehan Brian for the content review, tech details & followup! elastic.co/blog/detecting…

Detecting log4j exploit attempts in your environment with Elastic Security. #log4j #log4j2 #Log4Shell elastic.co/blog/detecting…

Following in the footsteps of many others, I've decided to collect intel on log4shell and share it. I've deployed a few honeypots with ModSecurity yesterday and the data is streaming into an Elastic cluster. log4shell.threatsearch.io

In response to the CVE-2021-44228 or Log4Shell vulnerability, the team behind #ElasticSecurity has developed additional rules to help users protect their environments. See what’s ready for immediate implementation, and what we’re working on: go.es.io/3q5fS6i

since we keep seeing a lot of questions around #Log4Shell and Elastic, we're doing a meetup + Q&A on tuesday, december 21: community.elastic.co/events/details… * 17:00 CET detection with James * 17:45 CET vulnerability & mitigation for our products with Ry Biesemeyer, Alexander Reelsen, me

New versions of Elasticsearch and Logstash are now available to upgrade to the latest release of Apache Log4j and address the false positive concerns with the vulnerability scanners. Learn more on our blog: go.es.io/3yIGr5u

Elastic Security uncovers BLISTER malware campaign elastic.co/blog/elastic-s… via Elastic

Here it is: humanity’s final look at NASA Webb Telescope as it heads into deep space to answer our biggest questions. Alone in the vastness of space, Webb will soon begin an approximately two-week process to deploy its antennas, mirrors, and sunshield. #UnfoldTheUniverse

As we continue our million mile (1.5 million km) journey out to our orbit, we'd just like to thank each of you for following us as we #UnfoldTheUniverse! You're all one in a million (miles) in our hearts ❤️

We are looking to replace an awesome Assurance Analyst who moved within Elastic to a product team. If you like working with great people and solving challenging problems check out the posting! Don't meet all the requirements? Apply anyway! jobs.elastic.co/jobs/infosec/u…

We’re excited to announce a partnership with Satya! Joint customers can dramatically reduce dwell times, mean time to respond, and false-positive rates while also strengthening their agility and impact. Learn more: go.es.io/3wp791X

This looks like a game changer for open source software and supply chain security, "Open Source Software Security Mobilization Plan" openssf.org/oss-security-m… linuxfoundation.org/press-release/…

🚨 A RCE Vulnerability (CVE-2022-26134) in Atlassian's Confluence Server and Data Center is being actively exploited. ⛔ Block all internet traffic to and from those devices until an update is available and applied. Cybersecurity and Infrastructure Security Agency's KEV now includes this vul: go.usa.gov/xJDf2

Thanks TechRepublic for highlight Elastic's guidance, elastic.co/guide/en/elast…, "Never run an Elasticsearch cluster without security enabled." Also, as of 8.0, Elasticsearch is Secure by default, elastic.co/blog/introduci… techrepublic.com/?p=3975891

This is so true 🤣

We let the Internet down today. Here’s our technical post mortem on what happened. On behalf of the entire Cloudflare team, I’m sorry. blog.cloudflare.com/18-november-20…