MITRE Engenuity ATT&CK Tests

MITRE Engenuity ATT&CK Tests

By developing a common language to arm analysts with a standard to describe attacks, MITRE ATT&CK has become a critical knowledgebase for cyber defenders, ultimately improving security efficiency and response time. The annual MITRE Evaluation compares industry-wide innovation to deliver the solutions necessary to detect and respond to the evolving threat landscape. The evaluation offers cybersecurity solution buyers and customers with an unbiased option to evaluate security products to arm themselves against the latest advances from attackers…

Read More

This Week in Security News – April 1, 2022

This Week in Security News – April 1, 2022

Read on:  Probing the Activities of Cloud-Based Cryptocurrency-Mining Groups Trend Micro‘s research into cloud-based cryptocurrency mining sheds light on the malicious actor groups involved in this space, their ongoing battle for cloud resources, and the actual extent of the impact of their attacks. Lapsus$ ‘Back from Vacation’ Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers’ DevOps platforms – to its hit list. The Lapsus$ data…

Read More

Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously

Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously

But that’s just the tangible cost of a cryptocurrency-mining attack. There are also indirect consequences that an affected organization might encounter, such as the disruption and slowdown of operations that could result in loss of revenue or even damage to the reputation of the organization because of the inconveniences brought upon its customers. The major players in the cloud-based cryptocurrency mining landscape are diverse in terms of their tools, techniques, and even the way they…

Read More

How CISOs can Mitigate Cryptomining Malware

How CISOs can Mitigate Cryptomining Malware

How CISOs can Mitigate Cryptomining Malware Risk Management Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat. By: Jon Clay March 29, 2022 Read time:  ( words) As cryptocurrencies continue to grow in popularity, organizations are increasingly at risk for cryptomining attacks. In fact, Apache Log4j (Log4Shell)—the holiday gift no one asked for—was observed to be mostly used for cryptomining and ransomware by cybercriminals….

Read More

This Week in Security News – March 25, 2022

This Week in Security News – April 1, 2022

Read on:  An Investigation of Cryptocurrency Scams and Schemes The use of cryptocurrency has increased tremendously since it was first introduced in 2009. As blockchain technology has enabled use of cryptocurrency to expand, interest and the assets that are generated in its use also continue to grow. However, the virtual environment that allows it to flourish has also become fertile ground for cybercriminals to exploit, so much so that there has been a constant stream…

Read More

Threat Intelligence: Cyber Risk Management Strategies

Threat Intelligence: Cyber Risk Management Strategies

4. Old vulnerabilities remain relevant While Apache Log4Shell (Log4j) was arguably the most prominent zero-day vulnerability of 2021, older flaws remained relevant and effective as well. Data from Trend Micro™ TippingPoint™ shows that the greatest number of detections (75 million) this year were of CVE-2019-1225, a memory disclosure flaw in Microsoft’s Remote Desktop Services (RDS) discovered in August 2019. Explaining cyber risk to the board As the digital attack surface expands due to the accelerated…

Read More

This Week in Security News – March 18, 2022

This Week in Security News – April 1, 2022

Read on:  Navigating New Frontiers: Trend Micro 2021 Annual Cybersecurity Report Trend Micro looks back at the most significant security issues that emerged in 2021, with insights and recommendations to help organizations bolster their defenses. The digital migrations and transformations that had enabled organizations to continue their operations amid the Covid-19 pandemic continued to usher in significant shifts in the threat landscape in 2021. US Has ‘Significant’ Cyber Vulnerabilities, But A Sweeping Russian Cyberattack Is…

Read More

This Week in Security News March 4, 2022

This Week in Security News – April 1, 2022

Read on:  Global Cyberattacks: How to Manage Risk in Times of Chaos As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. Evidence of widespread defacement of government websites, and targeted attacks against government agencies and financial institutions serve yet another layer of risk to deal with, and it has never been more important to be on top of your security game. Trend Micro shares 5 best practices to manage cyber…

Read More

Why IaC Security Should Matter to CISOs

Why IaC Security Should Matter to CISOs

Speed is the name of the game for organizations building in the cloud. And in order to meet increasingly demanding deadlines, many DevOps teams are turning to infrastructure as code (IaC) to spin up new projects at scale—but are they doing so securely? This article looks at IaC security challenges and how CISOs can choose the right cloud security tool to support quick development and drive innovation. What is IaC? Infrastructure as code (IaC), as…

Read More

This Week in Security News – February 25, 2022

This Week in Security News – April 1, 2022

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how to protect your organization from cyberattacks targeting open-source servers. Also, read about the most recent cyberattack warnings following Biden’s sanctions on Russia. Read on:  Recent Cyberattacks Increasingly Target Open-source Web Servers As organizations reeled from the Log4Shell vulnerability (CVE-2021-44228), cyberattacks aiming at open-source web servers, like…

Read More
1 12 13 14 15 16 19