The personal information of more than one million patients was impacted in a March 2022 incident at patient care guidelines provider MCG Health. [Read More]
SYN Ventures is leading a $23 million Series A investment in RevealSecurity, a startup building technology to thwart malicious insider threats. [Read More]
Disguised as a cryptocurrency miner, Malibot focuses on stealing financial information, cryptocurrency wallets, and personally identifiable information (PII). [Read More]
Big-game malware hunters at Volexity call attention to a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. [Read More]
L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a "leading candidate" to acquire Israeli exploit merchant NSO Group. [Read More]
As automation continues to evolve, a new approach to accelerate detection and response is emerging based on data and business logic to automatically trigger simple actions that can be standalone or be chained together.
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
As threat actors continue to evolve their TTPs to take advantage of crises and outbreaks, the intelligence sources and information sharing mechanisms available to help will become even more important.
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
I foresee a convergence of the tooling for telemetry aggregation, threat detection, managed services and remediation as a key milestone in the evolution of the modern SOC.
An open integration architecture provides the greatest access to data from technologies, threat feeds and other third-party sources, and the ability to drive action back to those technologies once a decision is made.
You risk limiting the value you can derive from your next security investment without first thinking about your top use cases and the capabilities needed to address them.