NEWS & INDUSTRY UPDATES

Microsoft insists the latest Windows Print Spooler security update works as intended but researchers show code execution demos if certain capabilities are enabled.
A US software firm hit by a ransomware attack that crippled companies worldwide put off restarting its servers until Sunday to harden defenses against further breaches.
Cisco issues an advisory with a warning that the vulnerabilities could be exploited by authenticated, remote attackers to gain elevated privileges.
Top US officials met at the White House on stopping ransomware Wednesday, as pressure mounted on President Joe Biden to take action against Russia over cyberattacks.
The Republican National Committee says no RNC data was compromised in a cyberattack that involved B2B IT services provider Synnex.
Sophos has acquired Capsule8 to beef up the Linux protection capabilities of its endpoint detection and response product stack.
SecurityWeek is covering all the new information on the Kaseya ransomware attack and here you can find a summary of all articles on this topic, as well as other useful resources.
Researchers have reproduced the exploit used in the Kaseya hack, just as the company’s CEO downplayed the impact of the attack.
The out-of-band update comes more than a week after the publication of proof-of-concept exploit code sent Windows network administrators scrambling to apply pre-patch mitigations.
British Airways has settled a class action lawsuit over the 2018 data breach, but the company’s legal problems are not over.

FEATURES, INSIGHTS // Incident Response

Marc Solomon: To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
AJ Nash: As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Marc Solomon: Curated threat intelligence is an essential capability of the SOC, enabling tools and teams to work more efficiently and effectively to optimize everything from incident response to threat hunting.
AJ Nash: Knowing that threat intelligence is readily available and proving its worth is one thing, understanding how to use it within your security operations program is quite another.
Marc Solomon: When intelligence becomes a capability and not just subscriptions to feeds, we can gain the full value of intelligence as the foundation to security operations.
Idan Aharoni: As organizations’ visibility is limited to what their threat intelligence vendors cover, by definition they will never have full visibility.
Marc Solomon: To gather the data and intelligence you need to fully detect and respond to threats, you need the ability to scale up and down the pyramid.
John Maddison: By understanding the latest threat trends, security teams can take measures to ensure that their security strategies, including the identification and tracking of new IOCs, are being correctly updated.
Torsten George: The risk of company employees walking away with sensitive data or selling their access credentials has never been greater now that a record number of individuals have been laid off.
Marc Solomon: While it may be a trendy term, in cybersecurity, intelligence pivoting is pivotal to detection and response.