Security News

New DNS vulnerabilities have the potential to impact millions of devicesForescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, dubbed NAME:WRECK. FBI removes web shells from hacked Microsoft Exchange serversAuthorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server software in the United States. The benefits of cyber threat intelligenceIn this Help Net Security podcast, Maurits Lucas, Director of Intelligence Solutions at Intel 471, discusses the benefits of cyber threat intelligence.

In this Help Net Security podcast, Maurits Lucas, Director of Intelligence Solutions at Intel 471, discusses the benefits of cyber threat intelligence. You need to plan and invest both time and resources well ahead of time to make sure you're at the right position at the right time to collect intelligence.

Autohost launched the Autohost Threat Intelligence platform to help hotels and short-term rental property managers and operators guard against a growing number of risks, including deceptive bookings, identity theft and credit card fraud. The Autohost Threat Intelligence platform is open source, cloud-based and able to integrate with property management systems, and other platforms that operators leverage, to provide additional security context for guest vetting.

FiVerity announces that it closed a $2 million round of financing to expand its cyber fraud detection and threat intelligence platform, which addresses growing types of cyber fraud for financial institutions. Addressing the escalating rise in cyber fraud, FiVerity has initially focused on fighting synthetic identity fraud - the fastest growing financial fraud at 25% per year that accounts for 20% of consumer credit losses, according to the Federal Reserve, and cost the industry over $20bn last year.

Viasat announced it is part of an elite community of commercial service providers approved to receive cyber threat intelligence through the Department of Homeland Security Enhanced Cybersecurity Services program. As an accredited ECS provider, Viasat will receive DHS-provided sensitive and classified cybersecurity threat indicators and information to defend U.S.-based public and private computer networks, including state and local governments, against unauthorized access, exploitation and data exfiltration.

More organizations are producing and consuming cyber threat intelligence than ever before, and those measuring the effectiveness of their CTI programs is higher than ever - jumping from 4% in 2020 to 38% in 2021, according to the SANS 2021 Cyber Threat Intelligence Survey. A few areas where CTI adoption seems to be lacking are in integration, automation and operationalizing threat intelligence.

Be we have to balance this and also not turn remote work into a world where everyone must be available 24/7. People still need to be able to shut off work as well. What we lost in the ability to meet directly with people can be a benefit in a remote world where managers and leaders - who are often the stakeholders the intelligence team needs to talk to - are able to be more efficient.

Anomali has added new features and capabilities across its product suite that further automate and speed essential tasks performed by threat intelligence and security operations analysts. To provide capabilities that work in real-world investigation scenarios, Anomali Threat Research analysts applied their expertise to aid in the design and development of pre-customized, themed threat intelligence dashboards.

Spamhaus Technology releases its Intelligence API. This is the first time Spamhaus has released its extensive threat intelligence via API, providing enriched data relating to IP addresses exhibiting compromised behaviour. Available free of charge, developers can readily access enhanced data that catalogues IP addresses compromised by malware, worms, Trojan infections, devices controlled by botnets, and third party exploits, such as open proxies.

Whether working within a company that has deployed an advanced intelligence program or in one just getting started, there are steps we can take to ensure we're investing in the right mix of products, services and feeds. Data is the lifeblood of threat intelligence programs, but we can't implement a successful program based on feeds alone.