threat intelligence

RansomHub threat actors observed using EDR-killing tool

Posted on by Admin
RansomHub threat actors observed using EDR-killing tool

Threat research from Sophos details a recent encounter with the ransomware group known as RansomHub. The research reports that the attack was unsuccessful; however, researchers were able to analyze the attack and discovered the use of an EDR-killing tool. The research has labelled this utility the EDRKillShifter.  John Bambenek, President at Bambenek Consulting, comments, “At present, only RansomHub is using the tool. However, as it was sold on the dark web, it is more than likely that…

Read More

New honeypot techniques for addressing targeted attacks

Posted on by Admin
New honeypot techniques for addressing targeted attacks

Automated at-scale attack campaigns now represent the vast majority of online threats, and are starting to blend together with targeted attacks. As the number of these attacks increases, so does the cyber risk for organizations.   Unfortunately, the most common approaches to defense — including vulnerability management, phishing awareness, signature-based network and endpoint detection — are neither effective nor efficient in addressing these kinds of attacks because traditional third-party threat intelligence cannot provide adequate targeted…

Read More

Researchers discovered a new phishing kit on the dark web

Posted on by Admin
Researchers discovered a new phishing kit on the dark web

Researchers at SlashNext discovered a new phishing kit on the dark web. This phishing kit, known as FishXProxy Phishing Kit, starts with uniquely generated links that can evade initial suspicion. Cybercriminals on underground forums are advertising this kit as “The Ultimate Powerful Phishing Toolkit” due to the sophisticated tools it provides. Capabilities this phishing kit provides includes: Sophisticated antibot systems that utilize Cloudfare’s CAPTCHA and filter out security measures Redirection abilities that obscure intended destinations Page…

Read More

Navigating political polarization in the workplace

Posted on by Admin
Navigating political polarization in the workplace

In this episode of The Security Podcasts featuring Scott McHugh, retired CSO at LyondellBasell Chemical Company and Faculty at Rice University, we discuss the challenges security leaders face when navigating political polarization in the workplace. “This is actually not a new phenomenon,” Scott McHugh says. “It really started in the late ’90s, in the Clinton administration, and it’s just been manifesting itself through the years ever since then. And it’s become much more of a…

Read More

Olympics 2024: Cyber Attackers are Targeting Companies Associated With Paris Games

Posted on by Admin
Olympics 2024: Cyber Attackers are Targeting Companies Associated With Paris Games

Organisations linked to the Paris Olympics 2024 have an increased risk of cyber attacks, including ransomware, credential leaks and phishing campaigns, a study has found. Insikt Group, the threat research division of security firm Recorded Future, has already observed posts advertising access to Games-related organisations in France and compromised credentials using “paris2024[dot]org” domains on the Dark Web. These findings were published in a new report highlighting high-priority threats to the Games, based on an assessment…

Read More

How threat hunting secures organizations: A proactive security strategy

Posted on by Admin
How threat hunting secures organizations: A proactive security strategy

Threat hunting involves actively searching for threats instead of waiting for alerts from defense systems. It is about taking the initiative to find irregularities and deviations in computer systems. Often, there are no alerts to signal an intrusion. Threat hunting targets threats that have already bypassed automated detection systems. It facilitates the identification of attackers who have penetrated the infrastructure and are practically indistinguishable from legitimate users by standard security measures. Threat hunting complements automated…

Read More

Cyber attribution: Do you really need to know?

Posted on by Admin
Cyber attribution: Do you really need to know?

Although Agatha Christie might disagree, sometimes mysteries should remain unsolved — at least in the cyber realm. Cyber attribution — finding exactly who perpetrated a given cyberattack — has seemingly become a cybersecurity goal in and of itself. But do organizations really need to know? Recognizing the “who” behind cyberattacks (not just the “what” and “how”) provides critical insights into the attacker’s objectives, infiltration methods, covert communication channels and more. Effective incident response hinges on…

Read More

Navigating the identity security landscape

Posted on by Admin
Navigating the identity security landscape

In this episode of The Security Podcasts featuring Jeff Reich, Executive Director of the Identity Defined Security Alliance, we discuss the challenges security professionals are facing in the evolving landscape of identity security threats. “Something we see often is when we were asking the question, ‘how long do account stay active or in your system after someone leaves your organization?’ And certainly there are a number of organizations that say within two days it’s been…

Read More

Sign up for a Tour at the RSA Conference 2024 SOC

Posted on by Admin
Sign up for a Tour at the RSA Conference 2024 SOC

Join the guided tour outside the Security Operations Center, where we’ll discuss real time network traffic of the RSA Conference, as seen in the NetWitness platform. Engineers will be using Cisco Security Cloud in the SOC, comprised of Cisco Breach Protection Suite, User Protection Suite, Cloud Protection Suite and Secure Firewall. Incidents are investigated with Threat Intelligence, provided by Cisco Talos, partners Recorded Future, alphaMountain, Pulsedive and community sources. Outside the SOC, you will receive…

Read More

Diversifying the security workforce

Posted on by Admin
Diversifying the security workforce

In this episode of The Security Podcasts featuring Larry Whiteside, Jr., CISO at RegScale and Co-Founder and President at Cyversity, we discusses the importance of diversity within the security workforce, the challenges security leaders face during the hiring process and how critical mentorship is when it comes developing talent. “The reality is threat actors and our adversaries that are out there, and they don’t care about what someone looks like. They don’t care about what…

Read More
1 2 3 4 8