Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.
The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET. This hacking group, which appears to have ties to Russia, has primarily targeted Ukraine for years.
The volume and sophistication of security attacks increase at a rate that makes it tough for SOCs to have people, processes and technologies in their right places. So what would the ideal SOC look like? Bruce Hembree of Palo Alto Networks discusses the way forward.
As consumers and customers, we are accustomed to easy, intuitive, and superfast transactions driven by data. Therefore, businesses have the various challenges of managing and mining the data they produce and use, but also ensuring that their digital experience is 100% reliable for their customers - so the chain of...
For many cybercrime investigators, it's all about indicators of compromise - evidence that a crime has occurred. But what if you were to shift toward cataloging behaviors that could indicate an attack is ongoing or imminent? Sam Curry of Cybereason explains the IoB concept.
When it comes to threat hunting, what are the complementary uses of SIEM and EDR technologies? What are the unique use cases for each, and how can they coexist? Sam Curry of Cybereason shares tips in advance of a virtual roundtable discussion.
The security skills shortage has been well documented over the years. It remains a salient problem for most enterprises as 66% of respondents to a 451 Research 2019 survey still say they do not have enough information security personnel on staff, and 33% specifically cited pen-testing skills as not meeting their...
Breach and Attack (BAS) simulation enables security practitioners to think and act like an adversary. BAS that connects the MITRE ATT&CK TTPs into a full APT kill chain enables them to effectively answer the question "How would an APT attack affect our organization?"
Download this eBook to learn more about:
Testing the cybersecurity posture of an organization or its
cybersecurity resilience to cyberattacks, has come a long
way. The demand for the latest and most comprehensive
testing solutions continues to grow to counter
the ever-increasing wave of cybercrime. Until
recently, the information security...
Security teams need to respond to new threats by adding new analytic capabilities to their SOC, giving them more insight into potential threats.
They need tools that allow security professionals to automate certain processes so they can focus on the real alerts - that is, the real threats. It's time to build a...
Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.
Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers, and it's issued mitigation guidance. Security firm Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.