endpoint detection and response (EDR)

What’s behind the 51% drop in ransomware attacks?

Posted on October 18, 2024 by Jonathan Reed

In a world where cyber threats feel omnipresent, a recent report has revealed some unexpected good news: ransomware attacks on state and local governments have dropped by 51% in 2024. Still, this decline does not signal the end of the ransomware threat, nor should it lead to complacency. As the nature of ransomware evolves, so […]

The post What’s behind the 51% drop in ransomware attacks? appeared first on Security Intelligence.

Continue reading What’s behind the 51% drop in ransomware attacks?→

Manage AI threats with the right technology architecture

Posted on June 25, 2024 by Yasar Yuzer

In an increasingly digital world, companies continuously face the threat of cyberattacks. Current advances in artificial intelligence (AI) promise significant improvements in detecting and defending against such threats. However, it is no secret that attackers are increasingly using AI. Cyber criminals leverage AI and machine learning to optimize and automate attacks. AI-driven malware can quickly […]

The post Manage AI threats with the right technology architecture appeared first on Security Intelligence.

Continue reading Manage AI threats with the right technology architecture→

Does your security program suffer from piecemeal detection and response?

Posted on October 5, 2023 by John Velisaris

Piecemeal Detection and Response (PDR) can manifest in various ways. The most common symptoms of PDR include: Multiple security information and event management (SIEM) tools (e.g., one on-premise and one in the cloud) Spending too much time or energy on integrating detection systems An underperforming security orchestration, automation and response (SOAR) system Only capable of […]

The post Does your security program suffer from piecemeal detection and response? appeared first on Security Intelligence.

Continue reading Does your security program suffer from piecemeal detection and response?→

Combining EPP and EDR tools can boost your endpoint security

Posted on July 25, 2023 by Xavier Santolaria

Endpoint protection platform (EPP) and endpoint detection and response (EDR) tools are two security products commonly used to protect endpoint systems from threats. EPP is a comprehensive security solution that provides a range of features to detect and prevent threats to endpoint devices. At the same time, EDR is specifically designed to monitor, detect and […]

The post Combining EPP and EDR tools can boost your endpoint security appeared first on Security Intelligence.

Continue reading Combining EPP and EDR tools can boost your endpoint security→

Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution

Posted on June 28, 2023 by Joshua Magri

In this post, we’ll review a simple technique that we’ve developed to encrypt Cobalt Strike’s Beacon in memory while executing BOFs to prevent a memory scan from detecting Beacon. Picture this — you’re on a red team engagement and your phish went through, your initial access payload got past EDR, your beacon is now living […]

The post Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution appeared first on Security Intelligence.

Continue reading Your BOFs Are gross, Put on a Mask: How to Hide Beacon During BOF Execution→

All About PowerShell Attacks: The No. 1 ATT&CK Technique

Posted on June 26, 2023 by Jonathan Reed

How do cyber pros prioritize their security efforts? A good place to start is knowing exactly what tactics, techniques and procedures (TTP) threat actors use. In a recently published report, aggregated data was used to identify the most common attack techniques as defined by the MITRE ATT&CK framework. The study revealed that PowerShell Command & […]

The post All About PowerShell Attacks: The No. 1 ATT&CK Technique appeared first on Security Intelligence.

Continue reading All About PowerShell Attacks: The No. 1 ATT&CK Technique→

Are Ransomware Attacks Declining, or Has Reporting Worsened?

Posted on May 17, 2023 by Mark Stone

While examining the state of ransomware in 2023, the statistics show promise — at least on the surface. According to the IBM X-Force Threat Intelligence Index 2023, “Ransomware’s share of incidents declined from 21% in 2021 to 17% in 2022.” Also promising: ransomware groups had a shaky 2022. The Trickbot group, for example, faced significant […]

The post Are Ransomware Attacks Declining, or Has Reporting Worsened? appeared first on Security Intelligence.

Continue reading Are Ransomware Attacks Declining, or Has Reporting Worsened?→

Securing Your Remote Workforce: How to Reduce Cyber Threats

Posted on April 18, 2023 by Jennifer Gregory

The debates have (mostly) stopped about whether remote work is here to stay. For many people, it’s just the way we work today. However, even three years later, cybersecurity around remote work is still a top concern. Both companies and employees have room for improvement in terms of protecting devices, data and apps from cybersecurity […]

The post Securing Your Remote Workforce: How to Reduce Cyber Threats appeared first on Security Intelligence.

Continue reading Securing Your Remote Workforce: How to Reduce Cyber Threats→

Four Ways to Harden Your Network Perimeter

Posted on April 12, 2023 by Richard Howe

With the threat of cyberattacks on the rise worldwide, hardening your organization’s network perimeter has never been more critical. Many organizations have begun to focus more on actively securing and monitoring their externally facing assets to fend off cyberattacks from enemy nation-state actors and cyber criminals. By implementing the four best practices listed below, you […]

The post Four Ways to Harden Your Network Perimeter appeared first on Security Intelligence.

Continue reading Four Ways to Harden Your Network Perimeter→

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

Posted on February 24, 2023 by Moez Kamel

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly […]

The post Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space appeared first on Security Intelligence.

Continue reading Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space→