At a time when security professionals are faced not only with a barrage of threats, but with a myriad of threat intelligence data sources, it can be challenging to know when to stop an investigation. Often these skills are learned over time and require a multitude of dead ends before developing a "gut instinct."...
Our goal with this report has always been to track the ever-shifting contours of the cyber-threat landscape and communicate what
we're seeing to our readers.
Generally speaking, the TLI is based on the premise that if organizations are seeing more threats more frequently, then things are
getting worse. If the...
Insider incidents are a chronic problem
for organizations. Back in 2009, the
National Computer Security Survey
noted that "Forty percent of all incidents
reported... were attributed to insiders".
Fast forward almost a decade, and that's still true.
Download this whitepaper to learn more about:
Cryptocurrency offers both immediacy and anonymity - traits that are attractive to threat actors looking to exploit organizations via ransomware or cryptomining. Laurence Pitt of Juniper Networks discusses why healthcare entities are uniquely vulnerable.
Can you answer this question with a confident yes?
When security controls fail, can you detect unusual and anomalous activity with sufficient context to accurately ascertain the risk to the organization?
Most organizations don't even know when security controls have failed. This is a primary reason why intrusions...
InfoWars' website was briefly affected by the Magecart payment card skimming malware, a finding that triggered a fiery response from the far right commentary site. But InfoWars is just one in a long line of victims of the malware.
Research shows that 51% of data breaches include the usage of malware, whether for initial breach, expansion within the network or heisting data. Yet despite malware being a pivotal attack vector, companies are unable to defend against data-theft malware running wild in their network. In fact, some of the biggest and...
When implementing endpoint security solutions in healthcare environments, a critical consideration is the impact of the technology on clinical workflow, says Dave Summitt, CISO at the H. Lee Moffitt Cancer Center and Research Institute.
Financial services have historically been at the forefront of adapting to changes in technology, regulations and consumer behavior. While businesses focus on the challenges of customer experience, digital transformation and cloud adoption, the industry is dealing with increased risks posed by operational challenges...
Hackers behind the FASTCash ATM cash-out attack campaign - tied by the U.S. government to North Korea - use Trojan code designed to exploit bank networks running outdated versions of IBM's AIX Unix operating system, Symantec warns.
Two years after Mirai botnets first appeared, security researchers say telnet-targeting botnets are attempting to compromise internet of things devices by pummeling them with 1,065 different username/password combinations. Some of these attacks are designed to install Linux DDoS malware.
Malware continues to routinely evades organizations' cyber defenses. It lurks inside networks waiting to execute attacks that can cause significant damage. Automated Static Analysis of binary files enables security teams to unlock an array of new threat intelligence, hunting, analysis, and rapid response...
Dynamic analysis is widely deployed as an automated way to understand the actions of potential malware.
However, there are limitations; it is unable to keep up with the large volume of malware that security teams must deal with daily, while evaluating only a subset of objects and files.
Download this whitepaper to...
The lack of visibility into your organization's network means threat hunters cannot adequately identify undetected malware.
Download this whitepaper to learn how automated static analysis technology provides a unique ability to create local file intelligence with the tools to identify and neutralize undetected...
The notorious GandCrab ransomware-as-a-service gang has released the latest version of its crypto-locking malware, backed by crypter service and exploit toolkit partnerships. But the gang's marketing savvy belies shoddy code-development practices, security firm McAfee finds.