Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Uber said that hackers accessed the personal data of 57 million of its users in a breach that had been covered up by the company for more than a year. [Read More]
The chairpersons of the House Science, Space, and Technology Committee and the House Oversight and Government Reform Committee on Monday sent a new letter (PDF) to Paulino Barros, the interim CEO of Equifax. [Read More]
WoSign subsidiary StartCom will shut down after major browser vendors banned its certificates [Read More]
1.8 billion Internet posts collected by a contractor for the Pentagon were exposed online due to failure to secure an Amazon cloud storage bucket [Read More]
Chinese drone maker DJI and a researcher are in an online battle – which could also turn into a legal battle – over the company’s bug bounty program [Read More]
Kaspersky shares more details from its investigation into reports that Russian hackers stole NSA data using its software [Read More]
Forever 21 investigating payment card breach, but only few details were provided by the company [Read More]
Quantum Dawn IV, a large-scale exercise to test the cyber resiliency of the U.S. finance sector, had more than 900 participants from over 50 financial institutions, government agencies and regulators. [Read More]
Equifax on Thursday said that during the third quarter of 2017, it incurred $87.5 million in expenses related to the massive hack that was disclosed on September 7, 2017. [Read More]
Equifax said Friday an internal review found that four executives who sold shares ahead of disclosure of a massive data breach at the credit agency were unaware of the incident ahead of the sale. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
Automatically recalculating and reevaluating priorities and threat assessments ensures you continue to stay focused on what is relevant to mitigate your organization’s risk.
Adam Meyer's picture
With sound and timely operational threat intelligence, you can make life a lot harder for adversaries and have a much better understanding of how your organization is positioned against today's cyber threats.
Joshua Goldfarb's picture
All the activity around the WannaCry ransomware attack really did make me want to cry. But not for the reasons you might expect. So what was it that nearly brought me to tears?
Marc Solomon's picture
Threat intelligence integration done right will allow you to act on threat intelligence efficiently and effectively using your existing security tools and services.
Rafal Los's picture
Don’t overlook the importance of having something that’s repeatable. To be repeatable, a process must be well-documented, well-understood and well-practiced.
Marc Solomon's picture
To harness the power embedded in disparate sources of threat data requires aggregating it and translating it into a uniform format for analysis and action.
Joshua Goldfarb's picture
The European Union’s General Data Protection Regulation includes an aspect that seems particularly relevant to the field of security operations and incident response.
Marc Solomon's picture
Security professionals want insights into the adversaries themselves – the tools as well as the tactics, techniques and procedures (TTPs) they’re using – to strengthen defenses and make life much more difficult for the bad guys.
Joshua Goldfarb's picture
Organizations should not be lured into a false sense of security if they deal in information or data that are not typically sought after by nation-state attackers.
Marc Solomon's picture
A threat intelligence platform (TIP) needs to operationalize and apply intelligence as the glue to reduce fragmentation.