For many cybercrime investigators, it's all about finding indicators of compromise - evidence a crime has been committed. Sam Curry of Cybereason describes the value of making a shift to cataloging indicators of behavior.
Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
In a series of recent attacks attributed to the umbrella criminal group known as Magecart, malicious JavaScript code was injected into over 80 e-commerce websites to steal credit card and other customer data, according to a new report from the security firm Arxan, which highlights the sites' vulnerabilities.
After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn.
Where have all the hacktivists gone? While the likes of Anonymous, AntiSec and LulzSec became household names in the early 2010s, in the past three years the number of website hacks, defacements and information leaks tied to bona fide hacktivists has plummeted.
The World Economic Forum recently identified "cyberattacks and data integrity concerns crippling large parts of the internet" as one of the top 10 global risks. Jaime Chanaga of NTT talks about the significance of that announcement and the concerns global security leaders face headed into 2020.
Deception technology is attractive in that it offers - in theory - low false positives and critical clues to attackers' methodologies. But the benefits depend on its ability to fool attackers and whether organizations can spare the time to fine-tune it.
The group behind the Cloud Atlas cyber espionage campaigns, which were first detected five years ago, is now deploying polymorphic techniques designed to avoid monitoring and detection, according to researchers at Kaspersky Lab.
Two pillars of a successful and proactive SOC are threat hunting and incident response. The use of network traffic analysis can help improve performance in these two areas, if you can trust the data. This session will explain how attackers can hide and misuse logs, agents, and standard security tools, and demonstrate...
Security practitioners must go beyond buzzwords, such as threat hunting, "and translate it into implementation effectiveness - controls that really sustain over a period of time," says Ashish Thapar of Verizon Enterprise Solutions, who offers an assessment of the cybersecurity threat landscape in the APAC region.
Fortinet's FortiGuard Labs global threat research team is creating research playbooks that provide deep-dive analysis of not only threat trends, but also cybercriminal and adversary tools and techniques. Derek Manky and Tony Giandomenico discuss the playbook model and how it can help in the fight against cybercrime.
Capital One's enormous data breach is a subject of intense scrutiny as well as fear. A definitive post mortem is likely months away. But security professionals have ideas as to how the breach was achieved and the weaknesses that led to it.
Software vulnerabilities sometimes have an uncanny knack of revealing themselves, even when a bug hunter is looking someplace else. Sam Curry's probing eventually revealed a cross-site scripting flaw in a Tesla service, which netted him a $10,000 bounty.
Cyber adversaries are resilient and move quickly, so it'st critical that organizations share threat intelligence in an automated way, says Shawn Henry of CrowdStrike Services. But that sharing has been hampered by a lack of understanding of why it's important and how organizations can benefit, he says.
Malicious actors are increasingly using social media platforms to spread malware to unsuspecting victims. In the latest incident, Facebook removed more than 30 pages from its platform after security analysts with Check Point Research found that a hacker had loaded them with malware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.