NEWS & INDUSTRY UPDATES

A malicious package masquerading as a cookie parsing library but delivering a backdoor instead was unpublished from the npm Registry along with three other packages
Australia's troubled Commonwealth Bank admits losing financial records for almost 20 million customers in a major security blunder -- but insists there is no need to worry
GitHub tells some users to reset their passwords after a bug caused internal logs to record passwords in plaintext
NATO’s Locked Shields 2018 exercise tested the skills of cyber defenders from 30 countries in protecting IT systems and critical infrastructure
US securities regulators on Tuesday announced that Altaba will pay a $35 million penalty for not telling them hackers had stolen Yahoo's "crown jewels."
Over the course of the last week, it has become apparent that the City of Atlanta, Georgia, has paid out nearly $3 million in contracts to help its recovery from a ransomware attack on March 22, 2018.
Twitter no longer allows Kaspersky Lab to place advertisements on its platform, apparently over the security firm’s alleged ties to Russian intelligence
LinkedIn patches AutoFill vulnerability that could have been exploited to harvest data from users’ profiles
CrowdStrike unveils new Falcon Endpoint Protection Complete solution and a threat analysis subscription module for the Falcon platform
IBM adds intelligent orchestration capabilities to incident response platform and launches new threat and vulnerability management service

FEATURES, INSIGHTS // Incident Response

Marc Solomon: It is important for threat intelligence analysts, SOCs and incident responders to work together to take the right actions faster, reducing the time to response and remediation.
Marc Solomon: The industry needs to share a common understanding of how to put threat intelligence into practice to address some of our thorniest security operations challenges.
Jim Ivers: More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?
Lance Cottrell: Discussions around hacking back in Congress today rely on analogies that are too simple and use examples focused on physical self-defense that fail to capture the true nature of online interactions.
Marc Solomon: It isn’t sufficient for security teams to prevent, detect and respond to attacks. Security teams also must be able to proactively investigate and understand what the latest, large-scale cyber campaign means to their organization.
Justin Fier: When we look at this cycle of stealthy and silent data breaches, we have to ask ourselves: how can such tremendous amounts of data leave our corporate networks without raising any alarms?
Alastair Paterson: Security teams need visibility outside the organization and across the widest range of data sources possible to mitigate digital risk and better protect the organization.
Steven Grossman: Identifying those kinds of repeated non-malicious behaviors amongst a group of peers can help identify broken business processes that are requiring employees to violate policy in order to do their job.
Stan Engelbrecht: Post-incident activity is the often-neglected phase where organizations try to answer the questions of what happened, why, and how can we make sure it doesn’t happen again?
David Holmes: Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.