Security News

Virtual Event Keynote: John Lambert, Microsoft Threat Intelligence Center
2021-05-26 15:13

In this presentation, Microsoft's John Lambert will talk about how it's more important than ever for defenders and organizations to come together and better share information that can help the entire ecosystem protect against emerging threats. The good news is there are industry frameworks and sharing mechanisms already in place to facilitate actionable threat intelligence and defense collaboration.

‘Privateer’ Threat Actors Emerge from Cybercrime Swamp
2021-05-26 12:01

While privateer cybercriminal groups are not specifically state-sponsored, they may carry out activities of the protecting state anyway due to pressure to engage in specific actions or target specific entities, according to the post. Privateers fall in the third tier of cybercrime groups below those specifically sponsored by governments at the top, commonly known as APTs and which receive explicit direction and financial support by a nation-state.

Threat Actor ‘Agrius’ Emerges to Launch Wiper Attacks Against Israeli Targets
2021-05-25 20:26

A new attack group called Agrius is launching damaging wiper attacks against Israeli targets, which researchers said are hiding behind ransomware to make their state-sponsored activities appear financially motivated. Researchers added that the wiper attacks were conducted using a secondary malware called "Deadwood", which Sentinel Labs said has "Unconfirmed links to an Iranian threat group."

Combatting Insider Threats with Keyboard Security
2021-05-25 15:20

As cyberattacks snowball and insider threats become an ever-larger part of the problem, it may be time to move beyond purely software-based cyber-defenses. Insider threats have become an alarmingly significant source of risk.

FBI Analyst Indicted for Theft of Osama bin Laden Threat Intel
2021-05-24 16:23

An FBI analyst with top-secret security clearance illegally squirreled away national-security documents related to Osama bin Laden, al-Qaeda, cybersecurity and more in her home for years, the feds say. Kendra Kingsbury, who was working in the FBI's Kansas City Division until being put on leave in December 2017, has been indicted by a federal grand jury for allegedly routinely removing numerous documents from their safekeeping at the office, over and over during the period between June 2004 to Dec. 15, 2017.

FBI Analyst Charged With Stealing Counterterrorism and Cyber Threat Info
2021-05-22 04:07

The federal indictment charged Kendra Kingsbury, 48, with two counts of having unauthorized possession of documents relating to the national defense, according to an unsealed indictment that was made public on Friday. Kingsbury worked as an intelligence analyst in the FBI's Kansas City Division for more than 12 years, until her suspension in 2017.

Building SIEM for Today’s Threat Landscape
2021-05-21 18:25

In its early days, SIEM was shaped by new compliance drivers that dominated the era, like PCI or HIPAA. In more recent years, SIEM has evolved to handle the convergence of platforms while accelerating threat detection against sophisticated ransomware and malware. Why SIEM is an Ideal Setup, Now More Than Ever SIEM software uses analytics engines to match events against an organization's policies.

The 3 elements of a sound threat intelligence program
2021-05-20 17:27

To give themselves an edge, many organizations set up threat intelligence programs. "I've seen a lot of threat intelligence programs that are just about pretty reports or some metric [such as] how many attacks we have seen on our website," said Shi.

Expert: Sharing intelligence on threats helps everyone fight cyberattacks
2021-05-19 15:39

Neal Dennis: There's a lot of good things out there that are kind of one-offs, or staging one-offs, when the campaigns in the cyberwar kick off. You're kind of out in front of the threats as a community.

Stopping cybersecurity threats is a community effort, expert says
2021-05-19 15:37

Why intelligence sharing is important to help get ahead of attacks. If knowledge is shared with others, they can thwart attacks sooner.