Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The Ukrainian government is proactively warning that Russia is planning “massive cyberattacks” against critical infrastructure targets in the energy sector. [Read More]
NATO sent a senior-level delegation to Albania to help the tiny Western Balkan country cope with the consequences of recent cyberattack that the government blamed on Iran. [Read More]
CrowdStrike is elbowing its way into new security markets with a planned acquisition of attack surface management startup Reposify and a strategic investment in API security vendor Salt Security. [Read More]
Ride sharing giant Uber is downplaying the impact from a devastating security breach that included the theft of employee credentials, access to the HackerOne bug bounty dashboard and data from an internal invoicing tool. [Read More]
Victims of the LockerGoga ransomware can recover their files with a free decryption tool available via the NoMoreRansom project’s website. [Read More]
LastPass says it has concluded its investigation into the August 2022 compromise of the LastPass development environment. [Read More]
Uber said Thursday, Sept. 15, that it reached out to law enforcement after a hacker apparently breached its network. A security engineer said the intruder provided evidence of obtaining access to crucial systems at the ride-hailing service. [Read More]
The non-profit foundation is building a team to proactively identify and address security defects in the popular Rust programming language. [Read More]
Dig Security’s latest financing comes as venture capital investors rush to place bets on startups jostling for space in the cloud data security space. [Read More]
Microsoft says its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform. [Read More]
- 1 of 195
- ››
FEATURES, INSIGHTS // Incident Response
Cyberattacks and data breaches continue to rise year-over-year and another so-called silver bullet technology isn’t going to stop that trend.
Nothing can ever prepare an organization for every ransomware scenario. However, if you train for multiple situations, your team will be able to make decisions more quickly, and react appropriately when an unforeseen incident occurs.
The goal of security automation is to accelerate detection and response, but you’ll waste a lot of time if you try to eat the elephant all at once.
With an approach that is data-driven and flexible, you can get as simple or as advanced as the detection and response demands.
Organizations can strengthen their security posture by getting detailed information on current attack techniques and keeping their employees’ cyber hygiene training up to date.
As automation continues to evolve, a new approach to accelerate detection and response is emerging based on data and business logic to automatically trigger simple actions that can be standalone or be chained together.
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
As threat actors continue to evolve their TTPs to take advantage of crises and outbreaks, the intelligence sources and information sharing mechanisms available to help will become even more important.
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.
- 1 of 30
- ››
Get the Daily Briefing
- Canon Medical Product Vulnerabilities Expose Patient Information
- What's Going on With Cybersecurity VC Investments?
- CISA Issues Guidance on Transitioning to TLP 2.0
- DoD Announces Final Results of 'Hack US' Bug Bounty Program
- Microsoft Confirms Exploitation of Two Exchange Server Zero-Days
- Chinese Cyberespionage Group 'Witchetty' Updates Toolset in Recent Attacks
- Cisco Patches High-Severity Vulnerabilities in Networking Software
- Microsoft Exchange Attacks: Zero-Day or New ProxyShell Exploit?
- NSA Cyber Specialist, Army Doctor Charged in US Spying Cases
- North Korean Gov Hackers Caught Rigging Legit Software
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy