Black Hat USA 2017 – WindowsTechs.com

The three least effective enterprise security measures

Posted on September 20, 2017 by Help Net Security

Fifty-nine percent of respondents to a Bitglass survey at Black Hat USA 2017 identified phishing as the best data exfiltration strategy, as human error and ignorance will always be exploitable. Understandably, and in line with recent cyberattacks, malware and ransomware ranked second, at nearly 27 percent. Least effective enterprise security measures Hackers also pointed out the three least effective enterprise security measures: password protection, facial recognition and access controls. “Phishing and malware are threats made … More → Continue reading The three least effective enterprise security measures→

Visual network and file forensics with Rudra

Posted on September 12, 2017 by Mirko Zorz

In this podcast recorded at Black Hat USA 2017, Ankur Tyagi, senior malware research engineer at Qualys, talks about visual network and file forensics. Here’s a transcript of the podcast for your convenience. I am Ankur Tyagi from Qualys. I am the senior malware research engineer over here, and in this podcast for Help Net Security, I will be talking about visual network and file forensics. So, in recent times you might have known there … More → Continue reading Visual network and file forensics with Rudra→

Emerging threats fuel public threat intelligence sharing

Posted on September 7, 2017 by Help Net Security

Concerns around emerging threats such as ransomware and polymorphic malware have sparked a significant increase in collaboration by the cyber security industry, according to AlienVault. According to the survey of over 600 conference participants at Black Hat USA, security professionals are most worried about threats that are constantly evolving and can evade traditional defenses. The largest group of respondents (43%) cited ransomware as their biggest security concern, while the second largest group, 31%, were most … More → Continue reading Emerging threats fuel public threat intelligence sharing→

Leveraging social media in advanced threat intelligence

Posted on August 30, 2017 by Mirko Zorz

In this podcast recorded at Black Hat USA 2017, Christian Lees, CISO at InfoArmor, discusses how leveraging social media helps to understand the motives and threat landscape from threat actors. Here’s a transcript of the podcast for your convenience. My name is Christian Lees, I’m the CISO of InfoArmor, also in charge of data feeds. Recently we spent a lot of time working on our social media platform. We really like to use this kind … More → Continue reading Leveraging social media in advanced threat intelligence→

Complete and continuous cloud infrastructure protection

Posted on August 29, 2017 by Mirko Zorz

In this podcast recorded at Black Hat USA 2017, Hari Srinivasan, Director of Product Management at Qualys, talks about the challenges involved in securing clouds, and explains how to gain complete visibility and security of your cloud infrastructure using Qualys CloudView. Here’s a transcript of the podcast for your convenience. Hello there, my name is Hari Srinivasan, I’m the Director of Product Management with Qualys. Qualys recently launched Qualys CloudView. Qualys CloudView provides you with … More → Continue reading Complete and continuous cloud infrastructure protection→

Know your adversary: Focus on social engineering

Posted on August 28, 2017 by Mirko Zorz

In this podcast recorded at Black Hat USA 2017, Tim Roberts, Senior Security Consultant at NTT Security, talks about social engineering and emphasizes the importance of security awareness and security culture. Here’s a transcript of the podcast for your convenience. Hi, my name is Tim Roberts. I work for NTT Security Threats Services Group. We provide service offerings for offensive security testing. This includes network application, wireless mobile penetration testing, as well as on-site social … More → Continue reading Know your adversary: Focus on social engineering→

Understanding the dark web and how it factors into cybersecurity

Posted on August 23, 2017 by Mirko Zorz

In this podcast recorded at Black Hat USA 2017, Eric Olson, VP of Intelligence Operations at LookingGlass Cyber Solutions, talks about the dark net and how it factors into cyber security. Here’s a transcript of the podcast for your convenience. Well, thank you Eric for joining us today. You need to really help our audience understand a bit more about the dark net because quite frankly, everybody thinks that it’s all bad things in the … More → Continue reading Understanding the dark web and how it factors into cybersecurity→

How security pros look at encryption backdoors

Posted on August 18, 2017 by Help Net Security

The majority of IT security professionals believe encryption backdoors are ineffective and potentially dangerous, with 91 percent saying cybercriminals could take advantage of government-mandated encryption backdoors. 72 percent of the respondents do not believe encryption backdoors would make their nations safer from terrorists, according to a Venafi survey of 296 IT security pros, conducted at Black Hat USA 2017. “Giving the government backdoors to encryption destroys our security and makes communications more vulnerable,” said Kevin … More → Continue reading How security pros look at encryption backdoors→

The human point: Gaining visibility into the context behind user actions

Posted on August 17, 2017 by Mirko Zorz

In this podcast recorded at Black Hat USA 2017, Dr. Richard Ford, Chief Scientist at Forcepoint, talks about the security industry’s need of a paradigm shift toward examining user behavior and intent. Here’s a transcript of the podcast for your convenience. Hello, my name is Dr. Richard Ford, I’m the Chief Scientist over at Forcepoint. In that job, I’m responsible for a variety of different things, but one of the things I’m most excited about … More → Continue reading The human point: Gaining visibility into the context behind user actions→

AI is key to speeding up threat detection and response

Posted on August 14, 2017 by Zeljka Zorz

Time is the most important factor in detecting network breaches and, consequently, in containing cyber incidents and mitigating the cost of a breach. “Security event investigations can last hours, and a full analysis of an advanced threat can take days, weeks or even months. Even large security operations center (SOC) teams with more than 10 skilled analysts find it difficult to detect, confirm, remediate, and verify security incidents in minutes and hours,” says Chris Morales, … More → Continue reading AI is key to speeding up threat detection and response→