Collaborate Disseminate
Kaspersky GERT experts have discovered in Colombia new Ymir ransomware, which uses RustyStealer for initial access and the qTox client for communication with its victims. Continue reading Ymir: new stealthy ransomware in the wild
With cybersecurity threats continuously evolving, having a strong incident response (IR) plan is crucial for businesses of all… Continue reading The Importance of Effective Incident Response
Medical practices remain vulnerable to cyberattacks, with over a third unable to cite a cybersecurity incident response plan, according to Software Advice. This gap exposes healthcare providers to risks of patient data breaches, HIPAA violations, finan… Continue reading 6 key elements for building a healthcare cybersecurity response plan
Kaspersky experts analyze cyberdefense weak points, including patch management, policy violations and MSSP issues, and real-world cases where compromise assessment helped detect and mitigate incidents. Continue reading Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses
In this Help Net Security interview, Tom McAndrew, CEO at Coalfire, discusses the balance organizations must strike between legal compliance and effective enterprise security governance in the context of evolving regulatory frameworks. McAndrew also ad… Continue reading Balancing legal frameworks and enterprise security governance
The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs that could help enterprise defenders respond to human-operated ransomware attack… Continue reading Use Windows event logs for ransomware investigations, JPCERT/CC advises
CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the July BSOD incident.
The post CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes appeared first on SecurityWe… Continue reading CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes
More often than not, a cyber attack or a cyber incident that results in business disruption will spur organizations to make changes to improve their cybersecurity and cyber resilience – and sometimes that means changing cybersecurity providers. T… Continue reading Organizations are changing cybersecurity providers in wake of Crowdstrike outage
Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. Continue reading A deep dive into the most interesting incident response cases of last year
Suppose you need to define for an organization what should be considered an information security incident which, when observed, triggers security incident response (investigate, contain, eradicate, recover – details of which might also nee… Continue reading Is loss of availability automatically a security incident?