SANS’s 2024 Threat-Hunting Survey Review

June 5, 2024 at 12:48PM The 2024 SANS Threat-Hunting Survey reveals a growing maturity in threat-hunting methodologies, reflecting an increased adoption of formal processes in cybersecurity strategies. The survey also highlights evolving practices in sourcing intelligence, outsourcing threat hunting, and challenges related to skill shortages and tool limitations. Organizations are striving to enhance threat hunting …

Chinese hackers hide on military and govt networks for 6 years

May 22, 2024 at 09:32AM “Unfading Sea Haze,” a previously unknown threat actor, is targeting military and government entities in the South China Sea region, displaying alignment with Chinese geo-political interests. Their attacks involve abusing MSBuild for fileless malware and deploying various tools such as custom keyloggers and info-stealers. To counter these attacks, organizations require …

NCSC Says Newer Threats Need Network Defense Strategy

April 19, 2024 at 12:36PM The NCSC warns that network defense strategies must adapt to newer threats, as attackers exploit vulnerabilities in network perimeter products like firewalls and VPNs. They suggest demanding security evidence from vendors, avoiding unverified products, reducing risk in self-hosted solutions, ensuring developer accountability, and adopting a cloud-first approach to security, emphasizing …

For Service Accounts, Accountability Is Key to Security

April 18, 2024 at 08:42AM Over 32 years in cybersecurity, managing risks related to service accounts has been a constant challenge. Service accounts should have limited access and perform specific functions. However, managing and securing them is often overlooked. Common gaps in knowledge include lack of visibility and understanding of the necessity and ownership of …

Kim Larsen New Chief Information Security Officer at SaaS Data Protection Vendor Keepit

April 16, 2024 at 04:29PM Kim Larsen, a seasoned cybersecurity leader with 20+ years of Govt and private sector experience, has joined Keepit as the new CISO. Larsen’s expertise spans business-driven security, risk management, and aligning digital strategies. His strategic insights and unique perspective position him to elevate Keepit’s security advisory capabilities and future services. …

You Against the World: The Offenders Dilemma

April 16, 2024 at 07:42AM The article emphasizes the need for careful selection of modeling, preparation, and fortification techniques to counter the wide array of tools that foreign attackers possess. It highlights the complexity of the offenders’ dilemma in the realm of security. It seems like this meeting discussed the challenges posed by foreign attackers …

NSA Appoints Dave Luber as Cybersecurity Director 

April 8, 2024 at 06:30AM Dave Luber has been named the new cybersecurity director of the NSA, succeeding Rob Joyce who retired on March 31. Luber, with over 30 years of experience in various cybersecurity roles, will lead the agency’s efforts to combat cyber threats and work with partners across the community. Key takeaways from …

Iran’s Evolving Cyber-Enabled Influence Operations to Support Hamas

March 29, 2024 at 07:59AM Understanding Iran’s techniques and having comprehensive threat intelligence can provide organizations with an advantage in detecting and protecting against these attacks. Based on the meeting notes, it is clear that understanding Iran’s techniques, along with comprehensive threat intelligence, can provide organizations with an advantage in identifying and defending against the …

Windows SmartScreen Bypass Flaw Exploited to Drop DarkGate RAT

March 14, 2024 at 10:28AM Attackers are using Google redirects in a phishing attack, exploiting a patched vulnerability to spread multifaceted malware. Based on the meeting notes, the key takeaway is that attackers are utilizing Google redirects in their phishing attacks, taking advantage of a previously patched vulnerability to distribute complex malware.

Demystifying a Common Cybersecurity Myth

March 13, 2024 at 12:21PM OPSWAT CEO Benny Czarny analyzes the challenges of securing file uploads, emphasizing the limitations of three common tools when each is used alone: anti-malware scanning, web application firewalls, and sandboxing. OPSWAT’s MetaDefender Platform offers a comprehensive defense-in-depth strategy combining multiple antivirus engines, deep content disarm and reconstruction, proactive data loss prevention, and …