Security News
Neal Dennis: There's a lot of good things out there that are kind of one-offs, or staging one-offs, when the campaigns in the cyberwar kick off. You're kind of out in front of the threats as a community.
Why intelligence sharing is important to help get ahead of attacks. If knowledge is shared with others, they can thwart attacks sooner.
McAfee announced significant expansion of its MVISION Extended Detection and Response solution by correlating the extensive telemetry of McAfee's endpoint security solution, Secure Access Service Edge solution, and threat intelligence solution powered by MVISION Insights. These integrations protect organizations against the most advanced threats while simplifying security operations with unified control and visibility from device to cloud.
Machine data solutions firm Splunk announced Tuesday that it has agreed to acquire TruSTAR, a San Francisco-based company that provides a threat intelligence platform designed to integrate various threat data sources and improve detection and response times. Founded in 2014, TruSTAR's platform collects and enriches internal and external data sources to automate the dissemination of intelligence to various tools and teams.
A survey from the Ponemon Institute recently found that insider threats increased by 47 percent from 2018 to 2020. The cost of insider threat incidents also rose by 31 percent from $8.76 to $11.45 million during the same time period.
While it's true that threat hunting, incident response, and threat research all have their foundations in science, throughout my entire career I have found it is also fundamentally true that the most successful threat hunters, incident responders, and threat researchers are far more artist than scientist. When you write reports about your threat research that will be released publicly, do not simply annotate the threat you documented.
In this complicated and fast-evolving setting, how prepared is the intelligence community to identify, assess, and mitigate possible threats before they become realities? To predict specific future violence, a protective intelligence investigation must determine: "Whether an individual has the motive and means to develop or act on an opportunity to attack a protected person. A primary task of the investigator is to gather information, some of which may later be used as evidence, that can be used to determine whether the individual poses a threat to a protected person." - U.S. Department of Justice.
90% of security leaders view bot management as a top priority
HUMAN published research into security leaders' perceptions of and responses to sophisticated bot attacks.
May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes
Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including Magento, Adobe InDesign, Adobe After Effects, Adobe Creative Cloud Desktop Application, and others.
IT pro Rob Dyke says an NHS-backed company not only threatened him with legal action after he flagged up an exposed GitHub repository containing credentials and insecure code, it even called the police on him. What happened next united infosec professionals across the world as well as triggering a crowdfundraiser and a behind-the-scenes legal war: we're told Apperta sent Dyke legal demands, and followed those up by alleging to the cops that he broke Britain's computer security laws.
Sophos' Rapid Response team had, among other things, the new Sophos XDR solution at their disposal - an industry-first extended detection and response solution that synchronizes native endpoint, server, firewall, and email security. Sophos XDR gathers relevant sensory information from the organization's entire IT environment and security ecosystem and allows threat hunters to view the complete picture and detect and inspect clues that may otherwise go unnoticed.