Security News
Google is buying pre-eminent threat intel firm Mandiant for $5.4bn, the two companies announced this morning. "Cyber security is a mission, and we believe it's one of the most important of our generation. Google Cloud shares our mission-driven culture to bring security to every organization," said Kevin Mandia, CEO of Mandiant, in a canned statement.
The increased adoption of hybrid work models means security teams are increasingly challenged to keep users connected and networks secure. Securing devices is a growing challenge for organizations now unable to rely on connecting endpoints to campus networks for visibility and pushing updates.
Unpatched vulnerabilities are known security bugs that have not yet been patched, which attackers can leverage to run malicious code. A report found that unpatched vulnerabilities are the most consistent and primary ransomware attack vectors.
61% of survey participants indicate a gap exists in the perception of cybersecurity risk to their ICS facilities between OT/ICS cybersecurity front-line teams and other parts of the organization. Adversaries aim to hit ICS operations with ransomware because doing so can lead to higher and quicker payouts.
CrowdStrike is bringing its identity threat prevention technology to its managed detection and response service, giving enterprises a chance to blunt the growing threat of identity-based attacks that has accelerated during the COVID-19 pandemic. The cloud-based cybersecurity vendor on Wednesday unveiled Falcon Identity Threat Protection Complete, a fully managed service organizations can use to deploy automated protection and real-time detection of threats; obtain expert incident response after detection; and accelerate the time to respond to eliminate any danger.
Threat actors are now executing attacks at speeds never witnessed before. Say a suspicious event is found on Point Product A. The first action that probably needs to be done is a cross-reference with Point Product B and/or Point Product C. Then another step may be needed to cross-verify with a SIEM. This manual process must be done quickly to keep up with the speed of the attacks.
The worst security looks much the same as the best. By way of justifying the invasion, he made a speech saying that Ukraine is not a country, that the West is an evil empire, and that Russia's security concerns are paramount.
In this interview with Help Net Security, Brian Dye, CEO at Corelight, talks about the trend of creating separate SIEMs for threat hunting and why this is not achievable for all organizations. We are seeing companies establishing separate SIEMs for threat hunting.
Security orchestration, automation, and response platforms try to make analysts' lives easier by mapping out automated incident response playbooks that coordinate activities between security appliances. The AI comes in especially useful here given email's popularity as an attack vector.
It offers businesses a free solution to the following top six cyber threats - and then some. Once it gets into a business network, it will encrypt valuable data and demand payment to return access to that data to the business.