Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
South American startup Strike Security has secured $5.4 million to fund an ambitious plan to disrupt the penetration testing and attack surface management business. [Read More]
Google and Mandiant separately warn that nation-state APT actors, ransomware gangs and private mercenary exploit firms are burning through zero-days at record pace. [Read More]
Despite an increase in attacks, ICS/OT companies admit that they turn off cybersecurity systems if they cause problems to operations. [Read More]
The FBI believes ransomware attacks against agricultural cooperatives could rise during the planting and harvest seasons. [Read More]
Okta's CISO issues a public statement to stress that the impact from the incident was “significantly smaller than we initially scoped.” [Read More]
Israeli startup SeeMetrics raises early-stage funding to build technology to help cybersecurity teams measure, track and simplify security program operations. [Read More]
While the median attacker dwell time has consistently declined in recent years, it has no consistent correlation to the breach effect. [Read More]
Thousands of participants will respond to a series of simulated cyberattacks that crippled the government, military, and critical infrastructure operations of a fictional country. [Read More]
A group of academic researchers show that video conferencing applications transmit microphone telemetry even when the user's microphone is muted in the software. [Read More]
GitHub warns that compromised OAuth user tokens were abused to download data belonging to dozens of organizations. [Read More]
FEATURES, INSIGHTS // Incident Response
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
Security is a big data problem. Solving it is all about prioritized data flow, continuously processing data for analysis and translating and exporting it to create a single security infrastructure.
The more you identify within your threat hunting program, the more opportunity you may have at expanding with additional budget. Never let an incident go to waste.
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.
In response to a specific attack, it’s important to do external threat monitoring and threat actor engagement to determine if the actors are attempting to exploit or monetize the security event.
As Security Operations Centers (SOCs) mature and transition to become detection and response organizations, they need to tackle some tough challenges with respect to data, systems and people.
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
Get the Daily Briefing
- Nikkei Says Customer Data Likely Impacted in Ransomware Attack
- New Brute Force Attacks Against SQL Servers Use PowerShell Wrapper
- DoJ Will No Longer Use CFAA to Charge Ethical Hackers
- Pro-Russian Hackers Spread Hoaxes to Divide Ukraine, Allies
- Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines
- Phishers Add Chatbot to the Phishing Lure
- QuSecure Lauches Quantum-Resilient Encryption Platform
- Cloud Data Security Firm Dig Emerges From Stealth With $11 Million in Funding
- US Recovers $15 Million From Ad Fraud Group
- Enterprise Data Protection Company Seclore Raises $27 Million
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy