The increase in cyberattacks—and the increase in the cost of cyberattacks—sends a clear signal: Something about the cybersecurity industry needs to change. We live in a world where malicious cyberattack campaigns are persistent and relentless. Even as…
Tag: Threat Intelligence
Europe, Global Security News, North America
Disgruntled Law School Applicant’s Cyberharassment Ends With Narrow Court Ruling
by Mark Rasch •
Ho Ka Terrance Yung wanted to go to Georgetown University School of Law. He had good grades and good LSAT scores and arranged for an “alumni” interview—an interview with a former Hoya to accelerate his application process. The interview did not go wel…
Europe, Global Security News, North America
How Security Automation Bridges the Intelligence-Action Gap
by Flashpoint Team •
Threat intelligence can generate invaluable strategic and tactical insights. One key to bridging the intelligence-action gap is automation.
The post How Security Automation Bridges the Intelligence-Action Gap appeared first on Flashpoint.
The post How …
Security Bloggers, Security Vendor News
Security Telemetry Evolution: The Year of the In-Memory Graph?
by Greg Day •
A fad or trend is any form of collective behavior that develops within a culture, a generation or social group in which a group of people enthusiastically follow an impulse for a short period. In cyber, every year there is at least one new fad…
Europe, Global Security News, North America
GAO: CISA, Treasury Must Assess Critical Infrastructure Risks
by George V. Hulme •
When attackers breached Colonial Pipeline using a stolen password, it took a lot of people by surprise. But the reality is such attacks against critical infrastructure were brewing for some time. Last week, the U.S. Government Accountability Office (G…
Europe, Global Security News, North America
Top 5 Cyber Threats to the Healthcare and Public Health Sector in 2022
by Veronica Drake •
It’s crucial for organizations in the healthcare and public health sector to gain an awareness of their risk apertures and implement the right threat intelligence tools that enable them to quickly identify, mitigate, and prevent cyber attacks.
The post…
Europe, Global Security News, North America
Adopting a Multifaceted Security Approach
by John Moschella •
Over the past decade, terms like malware and ransomware have increasingly entered into the public vernacular, especially as they relate to highly publicized, high-profile cybersecurity attacks. Most recently, the Biden administration issued a dire war…
Europe, Global Security News, North America
The Four Pillars of a Cybersecurity Strategy That Works
by Daniel Smith •
Understanding the threat landscape is one thing; extracting and leveraging actionable threat intelligence to reinforce an organization’s defensive posture is another. Threat intelligence empowers organizations by providing them with the knowledge and …
Europe, Global Security News, North America
DE:CODED – Firewall speeds and VPN risks
by SE Labs Team •
“If they are not getting any money from you, then where are they getting the money from?” Show notes for series 2, episode 2 Is your firewall as fast as you think? What does XDR mean and how does it work? Do you need a personal VPN? We talk to Brian Mo…
Europe, Global Security News, North America
Detection, Isolation, and Negotiation: Improving Your Ransomware Preparedness and Response
by Flashpoint Team •
The risks presented by ransomware and cyber extortion events have likely found a place in your own security team’s discussions, and rightfully so.
The post Detection, Isolation, and Negotiation: Improving Your Ransomware Preparedness and Response appea…
Europe, Global Security News, North America, Vulnerabilities
Russian Hackers Declare War on Lithuania — Killnet DDoS Panic
by Richi Jennings •
NATO member Lithuania is under attack from Russian hacking group Killnet. It raises serious concerns over Russia’s use of cyber warfare against NATO states.
The post Russian Hackers Declare War on Lithuania — Killnet DDoS Panic appeared first on Secur…
Europe, Global Security News, North America, Vulnerabilities
Protecting Organizations From 5G Threats
by Sunil Ravi •
The industry is buzzing about 5G technology and its potential. For example, almost every new smartphone is advertised as “5G compatible,” with the majority of mobile subscriptions switching to 5G over the next five years. With its promise of improved …
Europe, Global Security News, North America
Using AI and ML to Fight Zero-Day Attacks
by Sue Poremba •
If it felt like you were asked to download a lot of patches in May and June, it’s because there were a lot of patches in May and June. An increase in zero-day vulnerabilities and exploits led to an increase in attacks. In fact, Mandiant reported that …
Europe, Global Security News, North America
ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo
by Richi Jennings •
We could soon have a federal GDPR. But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week.
The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo appeared first on Security Boul…
Europe, Global Security News, North America
Hermit Previews Sophisticated Spyware To Come
by Teri Robinson •
The appropriately named Hermit enterprise-grade Android surveillanceware currently used by the Kazakhstan government within its borders—and deployed to Italy and Syria—portends the sophistication of spyware to come. “The Hermit app that initially is i…
Europe, Global Security News, North America, Vulnerabilities
NSA Wants To Help you Lock Down MS Windows in PowerShell
by Richi Jennings •
A new cheatsheet from four infosec agencies tells us how to use PowerShell for good, rather than let scrotes misuse it to “live off the land.”
The post NSA Wants To Help you Lock Down MS Windows in PowerShell appeared first on Security Boulevard.
Europe, Global Security News, North America
The Million-Dollar Question: To Pay or Not to Pay Ransom?
by Aamir Lakhani •
Ransomware is one of the most serious threats to businesses today. In fact, a recent survey found that 85% of enterprises are more concerned about the prospect of ransomware attacks than any other kind of attack. The decision of whether or not to pay …
Europe, Global Security News, North America
Machine Learning Tackles Ransomware Attacks
by Sue Poremba •
There are approximately 250 known ransomware families, and these families are directly related to the rise of ransomware-as-a-service, according to Bitdefender. “Ransomware infection is just the final step; these modern attacks take some time to prepa…
Europe, Global Security News, North America, Vulnerabilities
Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’
by Richi Jennings •
Capital One hacker Paige A. Thompson has been found guilty. But it has to be said that Capital One’s security design was absolutely awful.
The post Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’ appeared first on S…
Europe, Global Security News, North America
5 Tips to Thwart Business Email Compromise (BEC) Attacks
by Oliver Noble •
There’s been an astounding 84% increase in business email compromise (BEC) attacks, according to the latest NordLocker Email Threat Report, which compared half-yearly statistics. The news should be particularly alarming to organizations that use email…
Europe, Global Security News, North America
Digital Value Chain Attacks on the Rise
by Nathan Eddy •
Cybercriminals are moving to exploit vulnerabilities in the digital value chain as organizations fight to secure a rapidly expanding threat surface. These were among the findings of a report from Micro Focus subsidiary CyberRes. The study revealed No…
Europe, Global Security News, North America
Complete Guide to Cyber Threat Intelligence Feeds
by Sectrio •
Cyber Threat Intelligence [CTI] Feeds – The devil is in the details Whether your firm is looking for a cybersecurity vendor to meet your needs or your employees are undergoing a training program, it is important to understand how cyber Threat Intellige…
Security Bloggers
Episode 239: Power shifts from Russia to China in the Cyber Underground
by Paul Roberts •
Naomi Yusupov, a Chinese Intelligence Analyst at the threat intelligence firm CyberSixGill talks to host Paul Roberts about that company’s new report: The Bear and the Dragon: Analyzing the Russian and Chinese Cybercriminal Communities.
The post Epis…
Europe, Global Security News, North America, Vulnerabilities
Radware Survey Reveals API Security Weaknesses
by Michael Vizard •
A survey published today suggests there is a disconnect between the perceived and actual level of security being applied to application programming interfaces (APIs). The survey polled 203 IT professionals in Europe, Asia and North America from organi…
Europe, Global Security News, North America
How to Build Cybersecurity Resilience
by A.N. Ananth •
Cybersecurity has been changing rapidly over the past couple of years, due in no small part to the COVID-19 pandemic. In response, organizations have digitized at an unprecedented rate and, in the process, created new opportunities for cybersecurity s…
Europe, Global Security News, North America
How to Build Cybersecurity Resilience
by A.N. Ananth •
Cybersecurity has been changing rapidly over the past couple of years, due in no small part to the COVID-19 pandemic. In response, organizations have digitized at an unprecedented rate and, in the process, created new opportunities for cybersecurity s…
Europe, Global Security News, North America, Vulnerabilities
Noname Security Expands API Security Platform
by Michael Vizard •
Noname Security has updated its platform for securing application programming interfaces (APIs) to make it possible to discover them in seconds and then automatically remediate vulnerabilities when discovered. In addition, Noname API Security Platform…
Europe, Global Security News, North America, Vulnerabilities
JFrog Discloses Config Vulnerability in Envoy Proxy Software
by Michael Vizard •
A security research team at JFrog, a provider of a continuous integration/continuous delivery (CI/CD) platform, has discovered a vulnerability in certain compression configurations of open source Envoy proxy software that can be used by a distributed …
Europe, Global Security News, North America, Vulnerabilities
Apple M1 Flaw Can’t be Fixed — PACMAN Panic
by Richi Jennings •
Apple’s M1 chip isn’t as safe from buffer overflows as previously thought. M1 and other designs based on ARMv8.3 can have their ‘PAC’ protection neutered.
The post Apple M1 Flaw Can’t be Fixed — PACMAN Panic appeared first on Security Boulevard.
…
Europe, Global Security News, North America, Vulnerabilities
Expel Report Surfaces High Percentage of BEC Attacks
by Michael Vizard •
A report from managed security operations center (SOC) provider Expel found a spike in business email compromise (BEC) attacks involving Microsoft Office 365 (O365) in the first quarter of 2022. Well over half of the security incidents tracked by Expe…
Europe, Global Security News, North America
19 Ways to Vet Your MSP for Cybersecurity Best Practices
by Anas Baig •
When you choose a managed service provider (MSP), you are putting a lot of trust in their ability to keep your systems up and running and to keep your data safe. That’s why it’s so important to vet your potential managed service provider t…
Europe, Global Security News, North America
Authorities Arrest ‘Prominent’ Nigerian BEC Threat Actor
by Teri Robinson •
No doubt remote work has tilled fertile ground for miscreants bent on executing business email compromise (BEC) scams, which is why it’s good news that authorities have one operator—from Nigeria—in custody. As part of a joint initiative called Operati…
Europe, Global Security News, North America, Vulnerabilities
China is Exploiting Network Providers and Devices, Says US Cybersecurity Advisory
by Curtis Kang •
On June 7, the US Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) released an advisory outlining the different tactics, techniques, and procedures (TTPs), particularly c…
Europe, Global Security News, North America, Vulnerabilities
Radware Finds New Era of DDoS Attacks Dawning
by Michael Vizard •
A report published by Radware this week indicated the number of malicious distributed denial-of-service (DDoS) attacks rose nearly 75% in the first quarter of 2022. The increase is mainly due to an increase in so-called “micro floods” that are classif…
Europe, Global Security News, North America
Understanding and Preventing Layer 7 Attacks
by Zach Norton •
The open systems interconnection (OSI) is a reference model for layering interoperability and networking of communicating systems via standard protocols. Even though cybersecurity attacks can happen anywhere in the OSI model, Layer 7, or the applicati…
Europe, Global Security News, North America
Ransomware Actors, Access Brokers Form Lucrative Relationships
by Nathan Eddy •
When ransomware crews need access to launch their attacks, they reach out to initial access merchants—malicious actors who offer to sell compromised network access to cybercriminals. As key enablers in the financially motivated cybercriminal undergr…
Europe, Global Security News, North America
US Seizes SSNDOB Market, Which Sold PII of 24 Million People
by Jonathan Zalman •
The DOJ’s takedown of SSNDOB is the latest in a series of seizures of illicit marketplaces, forums, and shops, which sometimes include the sale of personally identifiable information (PII) belonging to individuals in the United States.
The post US Sei…
Europe, Global Security News, North America
Palo Alto Networks Sees Rise in Ransomware Payments
by Michael Vizard •
Palo Alto Networks this week disclosed that, in cases worked by its Unit 42 incident response team, the average ransomware payment rose to $925,162 during the first five months of 2022. That average was pushed higher by two multi-million dollar paymen…
Europe, Global Security News, North America
Cybereason Survey Reveals the Extent of Ransomware Havoc
by Michael Vizard •
A global survey of 1,456 cybersecurity professionals conducted by Censuswide on behalf of Cybereason, a provider of an extended detection and response (XDR) platform, found nearly three-quarters (73%) of respondents admitted their organization was tar…
North America
Why Phishing Is Still the Top Attack Method
by NewsCred System •
Attackers are known to pore over a company’s website and social channels. Perhaps they spot a mention of an upcoming charity event. Who runs the charity? What does their email signature look like? What’s the color and size of the charity’s logo? This kind of information is priceless to attackers. From there, attackers can craft […]
The post Why Phishing Is Still the Top Attack Method appeared first on Security Intelligence.