Are You Looking for Ants or Termites?

Over the last several months, I’ve noticed something when discussing Incident Response (IR) with clients. There is often confusion between the expectation and reality concerning the end results of an IR investigation. My goal here is to clarify and set those expectations, and to show how Threat Hunting factors in. When TrustedSec gets called to…

The post Are You Looking for Ants or Termites? appeared first on TrustedSec.


SANS@MIC Talk – Threat Hunting via DNS With Eric Conrad

Some of the finest threat hunting and security bits you’ll feast-thine-eyes-upon anywhere. Enjoy.
The post SANS@MIC Talk – Threat Hunting via DNS With Eric Conrad appeared first on Security Boulevard.

Visibility and Threat Detection in a Remote Working World

At the outset of the COVID-19 pandemic, when governments around the world put stay-at-home orders in place, it was hard to imagine the state of work would permanently change. Yet, as organizations rapidly adopted and expanded systems to enable a remote workforce — which doubled in size in just three weeks — company cultures began […]

The post Visibility and Threat Detection in a Remote Working World appeared first on Security Intelligence.


A Game of Chess: Entropy and Patterns in Threat Intelligence

During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned that many of the threat intelligence models in use today seem to overemphasize the pattern recognition aspect of threat intelligence through the egregious use of algorithms. By contrast, they […]

The post A Game of Chess: Entropy and Patterns in Threat Intelligence appeared first on Security Intelligence.


Adventures in Phishing Email Analysis

Opening: Phishing attacks are a daily threat to all organizations and unfortunately, they are one of the hardest threats to protect against. No matter how many defensive layers an organization has put in place following best practice defense-in-depth design, it only takes one (1) user to click on that malicious link or open that weaponized…

The post Adventures in Phishing Email Analysis appeared first on TrustedSec.


Chaos Engineering and Security: Upgrading Simulation Exercises For More Dynamic Threat Environments

As the recent pandemic has swept the globe, malicious hackers have quickly pivoted to leverage the confusion to their benefit in carrying out cyberattacks. On April 8, 2020, the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) jointly released an alert […]

The post Chaos Engineering and Security: Upgrading Simulation Exercises For More Dynamic Threat Environments appeared first on Security Intelligence.


The Journey to Simplicity: User Experience in Security

Keeping an organization secure is no easy task, especially with the explosion in cloud adoption and digital transformation against a backdrop of increasingly dangerous threats and threat actors. We can all recite the challenges that security teams struggle with — too many solutions, not enough people, not enough visibility. With the average organization deploying 25 […]

The post The Journey to Simplicity: User Experience in Security appeared first on Security Intelligence.


I did not know you could do X, Y, Z with VirusTotal

TL;DR: VirusTotal is hosting an EMEA webinar on June 4th showcasing our advanced threat enrichment and threat hunting capabilities, register for the webinar, it is free. “I did not know you could do X, Y, Z with VirusTotal”, this is the most common feed…