Detecting Malicious Trackers

From Slashdot:

Apple and Google have launched a new industry standard called “Detecting Unwanted Location Trackers” to combat the misuse of Bluetooth trackers for stalking. Starting Monday, iPhone and Android users will receive alerts when an unknown Bluetooth device is detected moving with them. The move comes after numerous cases of trackers like Apple’s AirTags being used for malicious purposes.

Several Bluetooth tag companies have committed to making their future products compatible with the new standard. Apple and Google said they will continue collaborating with the Internet Engineering Task Force to further develop this technology and address the issue of unwanted tracking…


What is Anomaly Detection in Cybersecurity?

Anomaly detection, the “identification of rare occurrences, items, or events of concern due to their differing characteristics from the majority of the processed data,” allows organizations to track “security errors, structural defects and even bank fr…

Risks of Evidentiary Software

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example).

Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it.

The software engineers proposed a three-part test. First, the court should have access to the “Known Error Log,” which should be part of any professionally developed software project. Next the court should consider whether the evidence being presented could be materially affected by a software error. Ladkin and his co-authors noted that a chain of emails back and forth are unlikely to have such an error, but the …


The Most Important Question to Ask Security Vendors Before Hiring Them

False positives remain a significant concern that affects your chances of closing a deal or making a sale.
The post The Most Important Question to Ask Security Vendors Before Hiring Them appeared first on Radware Blog.

A Modern SOC Should Not Be Entirely Dependent On Human Operators and Their Personal Experience

A modern SOC should not be entirely dependent on human operators and their personal experience. The issue has been a foundational problem with not only the methodologies used by SOCs for the past 15 to 20 years, but it should be questioned whether the …

Why Responding to a Cyber Attack with a Traditional SIEM Leaves You Vulnerable

An enterprise’s inability to detect cyber attacks has tangible effects on its productivity and profitability. Various reports have noted a correlation between the time it takes to spot an intrusion and the cost of recovery.

Combat Alert Fatigue

Improve Productivity of Your SOC Personnel Through Menlo iSOC
I get it—it’s been a hard year for the cybersecurity industry. Covid-19 pushed users from a safe, central, hardened data center out to the edge of the network—literally overnight. We’ve…

Whitepaper: The Failed Promises of SIEM

The fundamental SIEM flaws lie in the platform’s need for continual adjustment, endless data stores, and a tendency to create an overwhelming number of false positives. When organizations instead turn to a next-generation cybersecurity solution, which …

3 Reasons Why a Rule-Based Cybersecurity Platform Will Always Fail

When it comes to advancements in cybersecurity, rule-based systems are holding the industry back. Relying on humans to constantly input and label rules in order to detect and stay ahead of threats is a bottleneck process that is setting security teams …

Incident Response: 5 Steps to Prevent False Positives

False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could have used at your intended destination. For security teams, knowing how to screen for false positives saves time and makes the team more efficient at […]

The post Incident Response: 5 Steps to Prevent False Positives appeared first on Security Intelligence.
