How Attackers Exploit the Remote Desktop Protocol

The Remote Desktop Protocol (RDP) is one of the most popular communication protocols for remotely controlling systems. RDP comes with all current Windows operating systems, and its graphical user interface makes it an easy-to-use remote access tool. In addition, Microsoft positions it as the default method to manage Azure virtual machines running Windows. It […]

The post How Attackers Exploit the Remote Desktop Protocol appeared first on Security Intelligence.

When Is an Attack not an Attack? The Story of Red Team Versus Blue Team

Cybersecurity experts fill our days with terminology from warfare, including jargon such as red team versus blue team. The concept of ‘red team’ has its origin in wargaming. The red team plays an opposing force and attempts to bypass the barriers of the defending or blue team. These exercises are not about winning or […]

Health Care Ransomware Strains Have Hospitals in the Crosshairs

The language of digital attacks shares a lot with the language of disease: ‘viruses’ ‘infect’ computers, and stopping their spread can be like trying to keep down a contagious disease. The two worlds also come together when threat actors attack using health care ransomware. When every minute could change the fate of a patient, preventing […]

Combating Sleeper Threats With MTTD

During the SolarWinds Orion supply chain compromise, threat actors lurked in the victim’s network for more than a year. Discovered by FireEye in December 2020, the earliest traces of a modified SolarWinds Orion go back as early as October 2019. Although these early versions did not contain the malicious backdoor (this was added in March […]

Cyber Resilience Strategy Changes You Should Know in the EU’s Digital Decade

For enterprises operating in Europe, the European Commission’s December 2020 EU Cybersecurity Strategy may dictate how you go about improving cyber resilience. The 2020 EU Cybersecurity Strategy underlines the important role of cybersecurity for a growing EU economy and reinforcing user confidence in digital tools. The publication goes beyond cybersecurity policy and compliance aspects […]

Cybersecurity Ethics: Establishing a Code for Your SOC

Since security intersects so much with privacy, cybersecurity ethics decisions should be on your mind at work. Being part of a high-performing computer security incident response team (CSIRT) or security operations center (SOC) involves making big, intentional decisions. Increasing the maturity of your team is more than dropping a bag of shiny new tools and technology […]

Incident Response: 5 Steps to Prevent False Positives

False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could have used at your intended destination. For security teams, knowing how to screen for false positives saves time and makes the team more efficient at […]

Which Incident Response Investments Are You Prioritizing in 2020?

Developing, testing and improving incident response plans should be the number one priority for future investment by organizations, but there are more areas to look into in 2020.

Improve Your Detection Capabilities With Cyber Simulation Datasets

Every organization must develop methods of testing and improving existing detection capabilities, from on-paper assessments to a full-blown cyber simulation.

Measure and Improve the Maturity of Your Incident Response Team

Incident response and management requires continual growth. Your team will not become proficient overnight.
