Security News

HYAS, a leader in threat intelligence and attribution, announced HYAS Insight, a threat intelligence and attribution solution that improves visibility and productivity for analysts, researchers and investigators while vastly increasing the accuracy of their findings. HYAS Insight lets analysts connect specific attack instances and campaigns to billions of historical and real-time indicators of compromise faster than ever before, bringing invaluable new intelligence and visibility to security efforts.

Security, unlike traditional sports, is not a finite game bound by a certain set of rules and a game clock. Given the inability of organizations to deal with the unknowns, security teams need to tilt the game in their favor by joining forces with other organizations in their sector, geography and implementing a strategy of simplifying and expanding intelligence sharing to gain greater visibility into the game before the attacker makes a move.

Identity management firm Auth0 has launched Auth0 Signals, a collection of threat intelligence tools and capabilities designed to protect customers from identity attacks. The purchased company's knowledge of malicious IP addresses provides an additional source of IP threat intelligence to Auth0's anomaly detection engine, which protects Auth0 customers.

First question for the podcast, Todd, what is open threat intelligence and what is driving it? That's really what is driving this movement, a desire to have a broader and more open view of threat intelligence.

The U.S. Department of Justice's Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, at the same time, want to stay on the right side of the law. The document focuses on "Information security practitioners' cyber threat intelligence-gathering efforts that involve online forums in which computer crimes are discussed and planned and stolen data is bought and sold. It also contemplates situations in which private actors attempt to purchase malware, security vulnerabilities, or their own stolen data-or stolen data belonging to others with the data owners' authorization-in Dark Markets."

In this podcast recorded at RSA Conference 2020, we're joined by the ThreatQuotient team talking about a threat-centric approach to security operations, the evolution of threat intelligence and the issues surrounding it. We are here today with the ThreatQuotient team to talk about all things security operations, the human element of cybersecurity, and the evolving landscape of threat intelligence.

Eliminate guesswork and get in-depth insights and practical recommendations for navigating the ever-changing cybercrime landscape. This data-laden, incident-rich report delivers insider information on the players, their motivations, tactics and targets so you can make informed security strategy decisions.

Cyber-threat intelligence company Sixgill this week announced the closing of a $15 million funding round. The new funding, Sixgill says, will be invested in expanding its global operations and strengthening core products to support its growing portfolio.

Recently released, eSentire's 2019 Threat Intelligence Report: Perspectives from 2019 and Predictions for 2020 provides visuals, data and written analysis, as well as practical recommendations for readers seeking to understand and better respond to the cybersecurity threat landscape. Nation states: Most nationally sponsored cybersecurity incidents take the form of espionage through data exfiltration.

White Ops, the global leader in bot mitigation, verifying the humanity of more than 1 trillion digital interactions per week, announced the appointment of Dr. Russell Handorf, former Computer Scientist with the FBI, to Principal Threat Intelligence Hacker. In his new role, Dr. Handorf will lead investigations and operations into dark corners of the open, deep, and dark net to uncover and detail the workings of cybercriminals in an effort to protect White Ops customers-and internet customers on the whole-from malicious activity and sophisticated bot attacks.