With cyberattacks, online espionage and data breaches happening at a seemingly nonstop pace, Western intelligence agencies are bringing many of their capabilities out of the shadows to help businesses and individuals better safeguard themselves and respond. We need all the help we can get.
How well-equipped is your organization to stop malicious attackers once they're inside your network. According to this study of over 600 IT security professionals, almost two-thirds of respondents lack efficient capabilities to detect and investigate stealth attackers before serious damage occurs.
Download this...
TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, security researchers warn in a new report.
The director of Britain's GCHQ intelligence agency said at this week's CyberUK conference that declassifying and putting "time-critical, secret information" for stopping online threats into the public's hands "in a matter of seconds" is an imperative.
A nation-state sponsored espionage campaign dubbed "Sea Turtle" has been manipulating the domain name system to target more than 40 organizations, including intelligence agencies - especially in North Africa and the Middle East, Cisco Talos warns. Experts say defenses against DNS hijacking lag.
Does your organization have a plan for cybersecurity? Digital technology is touching every aspect of our lives, which is giving bad actors an unlimited runway to create new threats daily. It's this atmosphere that makes it imperative that organizations are prepared, informed and actively hunting for adversaries.
...
A common complaint among threat intelligence analysts is the near impossibility of searching global
threat intelligence feeds to find the specific threat and vulnerability information that matters to their
organization.
The underlying problem here is the lack of visibility across all internal files and objects....
In 2017, 15,038 new CVEs were published, up from 9,837 in 2016. Last year, 16,500 new CVEs were disclosed. With vulnerabilities growing year after year, patching every potential threat to your business is a futile exercise. The need to prioritize is clear, but where to start, especially when CVSS categorizes the...
Charles Henderson, global managing partner for IBM X-Force Red, reviews some of the top new cybersecurity threats to organizations discovered by his team.
The information provided in a domain name system is far deeper than just those transactions that take place. A DNS provides much more granular information around some security risks, although CISOs tend to overlook this information, says Stuart Reed of Nominet.
Netscout is out with its latest threat report, and the research offers some startling new insights into DDoS, advanced threats and the commercialization of cybercrime. Hardik Modi offers analysis.
CenturyLink has opened Black Lotus Labs, which focuses on threat research used to share information with customers as well as initiate takedowns of networks used to support cybercrime activities, says Peter Brecl, a director at the company.
Given the unsustainability of the status quo, it's a question worth considering.
Technology constantly advances. Businesses now leverage the cloud, mobility, AI, IoT, and blockchain
in ways that were once unthinkable. So no one can credibly claim that the same technologies they used
to empower their business a few...
Threat hunting is a critical but labor-intensive task for security analysts. But automation can provide significant advantages, says Steven Grossman of Bay Dynamics.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.