#Cyberdefense

Addressing the Cybersecurity Vendor Ecosystem Disconnect

by

May 16, 2024 at 05:54PM The cybersecurity industry faces challenges with data integration, collaboration, and customer security. Vendors’ hypercompetitive dynamic results in complexity, while new technology increases vulnerability. Collaboration, shared standards, greater data control, and investment in cross-technology integration are essential steps to improve network defense without compromising business health. Cooperation within the industry against … Read more

US AI Experts Targeted in SugarGh0st RAT Campaign

by

May 16, 2024 at 04:09PM Researchers suggest that the attacker is probably connected to China, as an earlier version of the malware was employed by a China-based nation-state attack group. Based on the meeting notes, the key takeaway is that researchers believe the attacker is likely China-affiliated, as a previous version of the malware was … Read more

Improving cyber defense with open source SIEM and XDR

by

May 15, 2024 at 01:16PM A cyber defense strategy is crucial for preventing, detecting, and responding to cyber attacks, mitigating financial loss, reputational damage, and legal repercussions. It involves risk assessment, technology selection, integration, incident response planning, continuous monitoring, and user awareness. Integrating Wazuh, a free, open source security solution, enhances threat detection, incident response, … Read more

Uncle Sam urges action after Black Basta ransomware infects Ascension

by

May 13, 2024 at 02:37PM Several US security agencies have issued advisories on the Black Basta ransomware gang, responsible for a recent attack on US healthcare provider Ascension. The group has targeted organizations across critical infrastructure sectors, including healthcare. Affected organizations are urged to apply recommended mitigations and report incidents to law enforcement. Ascension is … Read more

Hackers use DNS tunneling for network scanning, tracking victims

by

May 13, 2024 at 01:56PM Threat actors use DNS tunneling to track targets’ interactions with phishing emails, scan networks for vulnerabilities, and bypass firewalls. They encode data in DNS queries using algorithms like Base16 or Base64. “TrkCdn” and “SecShow” campaigns demonstrate how attackers track victims and scan networks using DNS tunneling. Unit 42 recommends DNS … Read more

CISA Courts Private Sector to Get Behind CIRCIA Reporting Rules

by

May 9, 2024 at 08:13PM CISA extends the feedback period for proposed CIRCIA incident reporting by 30 days. Concerns of additional red tape on cybercrime victims arise. CIRCIA law, requiring reporting within specific time frames, is in final stages at CISA. Congress allocated no extra resources for CISA to fulfill its responsibilities. CISA stresses coordinated … Read more

Accenture Lands $789 Million Contract to Bolster U.S. Navy Cybersecurity

by

May 9, 2024 at 03:42PM Accenture Federal Services, a subsidiary of Accenture, secures a $789 million contract from the U.S. Navy for cybersecurity enhancement in maritime forces worldwide. The SHARKCAGE initiative aims to create a unified security perimeter, with Accenture working closely with the Navy’s cybersecurity teams. The partnership covers ashore and afloat systems, integrating … Read more

US Cyber Command Appoints Morgan Adamski as Executive Director

by

May 6, 2024 at 07:03AM Ms. Morgan M. Adamski has been appointed as the new Executive Director of United States Cyber Command (USCYBERCOM), effective early June 2024. With over 15 years of experience in cybersecurity, including roles at the National Security Agency, she will lead strategic initiatives and talent management to enhance the nation’s cyber … Read more

Expert-Led Webinar – Uncovering Latest DDoS Tactics and Learn How to Fight Back

by

May 3, 2024 at 09:57AM Summary: A webinar titled “Uncovering Contemporary DDoS Attack Tactics—How to Fight Back” will feature Andrey Slastenov, Head of Security at Gcore, discussing the escalating risks of DDoS attacks. Attendees will gain proactive defense strategies, practical tips, and have a chance to engage with the expert directly. The webinar aims to … Read more

Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster

by

May 3, 2024 at 07:27AM Horizon3.ai has introduced a Rapid Response service to their NodeZero SaaS-based penetration testing platform, using a combination of autonomous AI and human expertise. This service aims to quickly identify and address critical vulnerabilities, staying ahead of potential attackers. Leveraging AI’s speed and human reasoning, the platform creates safe exploits and … Read more