Advanced Persistent Threat (APT)

CISA’s Known Vulnerabilities Impact 15M Public Services

Posted on June 14, 2023 by Jonathan Reed

CISA’s Known Exploited Vulnerabilities (KEV) catalog is the authoritative source of information on past or currently exploited vulnerabilities. In a new report, the Rezilion research team analyzed vulnerabilities in the current KEV catalog. The results revealed a whopping 15 million vulnerable instances. And the majority of the occurrences were Microsoft Windows instances. Rezilion notes that […]

The post CISA’s Known Vulnerabilities Impact 15M Public Services appeared first on Security Intelligence.

Continue reading CISA’s Known Vulnerabilities Impact 15M Public Services→

Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign

Posted on May 31, 2023 by AJ Vicens

A group called “Dark Pink” is likely based in Southeast Asia and shows signs of development and ongoing activity, researchers say.

The post Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign appeared first on CyberScoop.

Continue reading Southeast Asian hacking crew racks up victims, rapidly expands criminal campaign→

HEAT and EASM: What to Know About the Top Acronyms at RSA

Posted on May 18, 2023 by Sue Poremba

The cybersecurity industry is littered with acronyms. SIEM. EDR. APT. CISO. CISA. The list goes on and on. So it wasn’t surprising that there were a lot of acronyms in RSAC 2023’s sessions and keynotes, as well as in the dozens of news items and studies released during the conference. The hottest acronym, by far, […]

The post HEAT and EASM: What to Know About the Top Acronyms at RSA appeared first on Security Intelligence.

Continue reading HEAT and EASM: What to Know About the Top Acronyms at RSA→

How Morris Worm Command and Control Changed Cybersecurity

Posted on May 1, 2023 by Jonathan Reed

A successful cyberattack requires more than just gaining entry into a victim’s network. To truly reap the rewards, attackers must maintain a persistent presence within the system. After establishing communication with other compromised network devices, actors can stealthily extract valuable data. The key to all this is a well-developed Command and Control (C2 or C&C) […]

The post How Morris Worm Command and Control Changed Cybersecurity appeared first on Security Intelligence.

Continue reading How Morris Worm Command and Control Changed Cybersecurity→

Breaking Down a Cyberattack, One Kill Chain Step at a Time

Posted on March 14, 2023 by Mark Stone

In today’s wildly unpredictable threat landscape, the modern enterprise should be familiar with the cyber kill chain concept. A cyber kill chain describes the various stages of a cyberattack pertaining to network security. Lockheed Martin developed the cyber kill chain framework to help organizations identify and prevent cyber intrusions. The steps in a kill chain […]

The post Breaking Down a Cyberattack, One Kill Chain Step at a Time appeared first on Security Intelligence.

Continue reading Breaking Down a Cyberattack, One Kill Chain Step at a Time→

Beware of What Is Lurking in the Shadows of Your IT

Posted on December 21, 2022 by John Dwyer

This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security protections is “shadow IT” and it is one that organizations must prepare for. Shadow IT […]

The post Beware of What Is Lurking in the Shadows of Your IT appeared first on Security Intelligence.

Continue reading Beware of What Is Lurking in the Shadows of Your IT→