Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The U.S. Defence Information Systems Agency (DISA) has disclosed a 2019 data breach in which personal information may have been compromised. [Read More]
A ransomware infection at a U.S. natural gas compression facility resulted in a two-day operational shutdown of an entire pipeline asset. [Read More]
Puerto Rico’s government has suspended three employees as federal agents investigate an online scam that attempted to steal more than $4 million from the U.S. territory. [Read More]
Facebook this week said it removed three unrelated networks of accounts, pages, and groups that engaged in inauthentic behavior on behalf of foreign governments or threat actors. [Read More]
Cosmetic company Estée Lauder exposed 440 million records to the Internet in a database that was left accessible without proper protection, a security researcher says. [Read More]
Japanese defense contractors Pasco and Kobe Steel have disclosed cyber intrusions they suffered in 2016 and 2018. [Read More]
US officials and cyber experts warned Tuesday that the voting debacle in the Democratic caucuses in Iowa underscored the vulnerabilities in the country's election infrastructure in everything from hacking to trust-eroding conspiracy theories. [Read More]
A new Maryland bill would ask the state’s Department of Information Technology to develop a baseline plan for localities within the state to help battle cyber attacks. [Read More]
Australian transportation and logistics giant Toll Group was forced to shut down some of its customer apps in response to a ransomware attack. [Read More]
A newly launched project wants to help inform IT security representatives and domain owners when their users fall victim to phishing. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Gunter Ollmann's picture
While defense scoring lowers the barrier to sharing defensive success insights, it does not yet address the insights gained from learning from others’ failures and the stigma of a breach.
AJ Nash's picture
Elevating from the Cyber threat intelligence (CTI) team concept to an “intelligence team” concept is the next generation of intelligence practice within the private sector.
Marc Solomon's picture
Threat intelligence value comes down to relevance and accessibility, which requires curation into a customized enrichment source, aggregating data filtered by a range of factors.
Craig Harber's picture
No matter how many best-of-breed protective solutions you use to defend your network, the unfortunate reality is eventually an attacker is going to get past them.
Marc Solomon's picture
Security teams need the ability to understand threats, hunt for threats and use automation effectively and responsibly.
Joshua Goldfarb's picture
When the security of our organization depends on us leaving our comfort zone, how can we ensure that we accomplish what we set out to do without putting the organization at additional risk?
Marc Solomon's picture
National Cybersecurity Awareness Month (NCSAM) is a great vehicle to raise awareness for cybersecurity and to remind every organization that the ability to improve security operations begins with contextual awareness.
Josh Lefkowitz's picture
Here’s a crash-course on the intelligence cycle and how you can apply and derive value from its core principles—no matter your role or security discipline:
Marc Solomon's picture
Five things you should know about incident pruning and how to apply it to improve investigations, threat hunting and incident response.
Josh Lefkowitz's picture
A use case-centric approach to threat intelligence can yield substantial benefits and is absolutely worth pursuing. It just needs to be pursued properly.