

The US Treasury on Friday placed sanctions on three North Korea government-sponsored hacking operations which it said were behind the theft of possibly hundreds of millions of dollars and destructive cyber-attacks on infrastructure.
A ransomware incident in Flagstaff, Arizona is being used as an example of how to prepare for and mitigate the effects of ransomware.
The Russian hackers behind the 2016 Crashoverride/Industroyer attack that caused a power outage in Ukraine may have been hoping to cause more serious damage.
Microsoft announces general availability of Automated Incident Response feature in Office 365 Advanced Threat Protection (ATP).
Threat intelligence sharing and cyber fusion firm Cyware has raised $3 million in seed funding led by Emerald Development Managers.
A denial-of-service (DoS) attack exploiting a known vulnerability disrupted firewalls at a US power utility.
Wikipedia went down in some countries after being hit by a DDoS attack.
The Texas Department of Information Resources (DIR) says it is not aware of any ransom being paid to recover systems affected by a recent ransomware attack.
A Massachusetts mayor says hackers demanded $5.3 million from his city in a ransomware attack this summer.
DevOps firm CircleCI informed customers that some information that may be useful for targeted phishing attacks was exposed through a third-party analytics vendor.

FEATURES, INSIGHTS // Incident Response


Marc Solomon: Visualization holds the key for quickly understanding patterns and determining which threads to pull.
Torsten George: While the urge to hack back after a data breach is very appealing, going back to the basics and applying proper cyber hygiene is a better alternative.
Josh Lefkowitz: No organization is fully immune to ransomware attacks, which is why having a comprehensive and well-tested incident response (IR) plan can make all the difference.
Stan Engelbrecht: What does the cyber kill chain have to do with Sherlock Holmes, and this quote in particular?
Ashley Arbuckle: While we can’t turn our attention away from gathering data, we must devise new ways to deal with the onslaught of data. Humans simply can’t keep up, and the problem is getting worse.
Marc Solomon: Security teams have more internal system data than they know what to do with from sources including the SIEM system, log management repository, case management systems and security infrastructure. Security analysts struggle to make sense of too much data.
Josh Lefkowitz: Request for intelligence (RFI) services have quickly become both ubiquitous and prone to misleading claims in the threat intelligence market.
Stan Engelbrecht: Security teams need to incorporate intent-based response, behavior-based detection, and a kill chain perspective to get a step ahead of their adversaries.
David Holmes: Architects and IT security teams are looking for technology evolutions to help them manage real problems in endpoint storage and messaging.
Ashley Arbuckle: Shifting to a proactive approach to incident response (IR) is critical but identifying partners who can provide the capabilities you need is a challenging task.