Security News

Every SOC on the planet is grappling with the challenges of integrating detection techniques and response processes for public cloud computing. This presentation by Rich Mogull, SVP Cloud Security at FireMon, delves into the details with a framework for modernizing response operations, combined with technical details and examples.

FIN7 is a threat actor that mostly focuses on stealing financial information, but it also sells sensitive information stolen from companies. FIN7 started using ransomware in 2020, being affiliates of a few of the most active ransomware groups: Sodinokibi, REvil, LockBit and DarkSide.

As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate security posture management platform between January 1st and December 1st, 2022.

When it comes to 2023 threat predictions, Trellix anticipates spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains. "Analyzing current trends is necessary but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to look beyond the horizon to ensure a proactive posture," said John Fokker, Head of Threat Intelligence, Trellix.

Microsoft Office files, particularly Excel and Word files, have been targeted by some cybercriminals for a long time. As exposed in new research from Cisco Talos, threat actors might leverage event handling functions in Excel files in order to automatically launch.

As the internet continues to expand and connect more people and devices than ever before, the need for effective cyber threat intelligence sharing has never been greater. In today's interconnected world, a threat to one organization can quickly become a threat to many others, making it essential for businesses and other organizations to share information and work together to stay safe online.

The Zerobot DDoS botnet has received substantial updates that expand on its ability to target more internet-connected devices and scale its network. "The most recent distribution of Zerobot includes additional capabilities, such as exploiting vulnerabilities in Apache and Apache Spark, and new DDoS attack capabilities," Microsoft researchers said.

With the rapid expansion of Internet-connected devices, both consumer and industrial, the cyber-threat landscape is growing faster than individuals' ability to keep up. Comcast's biennial take on consumer cyber health, the 2022 Xfinity Cyber Health Report, found that there are an average of 15 connected devices per household, up 25% from 2020 - with "Power users" having as many as 34.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.