Security Experts:

long dotted


Two members of the U.S. House of Representatives have sent a letter to Apple to obtain some clarifications on how the tech giant handled the recently disclosed FaceTime spying bug. [Read More]
Huddle House, a casual dining and fast food chain with over 300 restaurants, informs customers of a payment card breach. [Read More]
U.S. Senators Hassan and Portman have reintroduced the DHS Cyber Hunt and Incident Response Teams Act. [Read More]
Apple implements server-side fix for FaceTime spying vulnerability, but a software update will only be delivered to users next week. [Read More]
Home design platform Houzz has advised some users to change their passwords after discovering unauthorized access to a file storing user data. [Read More]
The Minnesota Department of Human Services says a data breach potentially exposed personal information on up to 3,000 people. [Read More]
Personal information belonging to some Airbus employees in Europe has been compromised following a breach suffered by the aerospace giant. [Read More]
A U.S. judge has rejected Yahoo’s data breach settlement, citing, among other things, inadequate disclosure of the settlement fund and high attorney fees. [Read More]
Bangladesh will soon file a lawsuit in New York against a Philippine bank over its involvement in one of the biggest-ever cyber heists, the country's central bank governor said. [Read More]
Salt Security emerges from stealth mode with a solution designed to identify and prevent API attacks and $10 million in funding. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
Most organizations have more intelligence than they know what to do with. What’s lacking is a way to aggregate all this data in one manageable location where it can be translated into a uniform format for analysis and action.
Jalal Bouhdada's picture
In the event of a cybersecurity incident in an industrial environment, you should follow a well-established seven step response process.
Marc Solomon's picture
How do we break this wasteful cycle and enable teams and technologies to reduce instances of false positives? The answer lies in prioritization and learning.
Stan Engelbrecht's picture
By highlighting phishing, which causes so many headaches for all us security professionals, you can see just how much of a game-changer automation can be for any SOC or CSIRT.
Marc Solomon's picture
Adversaries are increasingly masterful at taking advantage of these seams between technologies and teams to infiltrate organizations and remain below the radar.
Josh Lefkowitz's picture
There’s no point in having billions of data points if those data points aren’t timely, accurate, actionable, and adequately map to your intelligence objectives and requirements.
Erin O’Malley's picture
Like dog bites, the negative impact of cyber incidents can go from bad to worse quickly—and the first 48 hours are critical.
Josh Lefkowitz's picture
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
Stan Engelbrecht's picture
These seven processes should be automated in order to save valuable time during incident response and security investigation procedures, and help organizations improve their overall cybersecurity posture.
Preston Hogue's picture
Technical hacks to gain entry into sensitive systems are still an important part of the equation, but today they are just one tool in a much larger toolkit.