threat hunting – Page 7 – WindowsTechs.com

New Attacks, Old Tricks: How OneNote Malware is Evolving

Posted on January 31, 2023 by Roza Maille

1 Analysis of OneNote Malware A lot of information has been circulating regarding the distribution of malware through OneNote, so I thought it would be fun to look at a sample. It turns out there are a lot of similarities between embedding malicious code into a OneNote document and the old macro/VBA techniques for Office…

The post New Attacks, Old Tricks: How OneNote Malware is Evolving appeared first on TrustedSec.

Continue reading New Attacks, Old Tricks: How OneNote Malware is Evolving→

5 Golden Rules of Threat Hunting

Posted on January 27, 2023 by Olga Hout

When a breach is uncovered, the operational cadence includes threat detection, quarantine and termination. While all stages can occur within the first hour of discovery, in some cases, that’s already too late. Security operations center (SOC) teams monitor and hunt new threats continuously. To ward off the most advanced threats, security teams proactively hunt for […]

The post 5 Golden Rules of Threat Hunting appeared first on Security Intelligence.

Continue reading 5 Golden Rules of Threat Hunting→

What your SOC will be facing in 2023

Posted on January 23, 2023 by Sergey Soldatov, Roman Nazarov

Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in 2023? Continue reading What your SOC will be facing in 2023→

RomCom RAT Attack Analysis: Fake It to Make It

Posted on January 10, 2023 by Doug Bonderud

The RomCom RAT has been making the rounds — first in Ukraine as it went after military installations, and now in certain English-speaking countries such as the United Kingdom. Initially a spear-phishing campaign, the RomCom attack has evolved to include domain and download spoofing of well-known and trusted products. In this piece, we’ll break down […]

The post RomCom RAT Attack Analysis: Fake It to Make It appeared first on Security Intelligence.

Continue reading RomCom RAT Attack Analysis: Fake It to Make It→

A LAPS(e) in Judgement

Posted on January 10, 2023 by Roza Maille

As security practitioners, we live in a time where there is an abundance of tools and solutions to help us secure our homes, organizations, and critical data. We know the dangers of unpatched applications and devices as well as the virtues of things like password managers and encrypted databases to protect our passwords and other…

The post A LAPS(e) in Judgement appeared first on TrustedSec.

Continue reading A LAPS(e) in Judgement→

3 Reasons to Make EDR Part of Your Incident Response Plan

Posted on January 5, 2023 by Serge Woon

As threat actors grow in number, the frequency of attacks witnessed globally will continue to rise exponentially. The numerous cases headlining the news today demonstrate that no organization is immune from the risks of a breach. What is an Incident Response Plan? Incident response (IR) refers to an organization’s approach, processes and technologies to detect […]

The post 3 Reasons to Make EDR Part of Your Incident Response Plan appeared first on Security Intelligence.

Continue reading 3 Reasons to Make EDR Part of Your Incident Response Plan→

A Perfect Storm: 7 Reasons Global Attacks Will Soar in 2023

Posted on January 4, 2023 by Jonathan Reed

In 2023, the global annual cost of cyber crime is predicted to top $8 trillion, according to a recent Cybersecurity Ventures report. This seemingly enormous figure might still be a major underestimate. In 2021, U.S. financial institutions lost nearly $1.2 billion in costs due to ransomware attacks alone. That was a nearly 200% increase over […]

The post A Perfect Storm: 7 Reasons Global Attacks Will Soar in 2023 appeared first on Security Intelligence.

Continue reading A Perfect Storm: 7 Reasons Global Attacks Will Soar in 2023→

To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response

Posted on December 29, 2022 by Roza Maille

tl;dr Communications are critical during an incident. If you cannot coordinate, collaborate, and inform actions and information about an incident, the incident response will eventually fail. Normally, this isn’t an issue, as organizations have resources like Microsoft 365 email, SharePoint, Slack, and Teams to use to communicate with each other. However, what happens when those…

The post To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response appeared first on TrustedSec.

Continue reading To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response→

Beware of What Is Lurking in the Shadows of Your IT

Posted on December 21, 2022 by John Dwyer

This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security protections is “shadow IT” and it is one that organizations must prepare for. Shadow IT […]

The post Beware of What Is Lurking in the Shadows of Your IT appeared first on Security Intelligence.

Continue reading Beware of What Is Lurking in the Shadows of Your IT→

Indicators of compromise (IOCs): how we collect and use them

Posted on December 2, 2022 by Roman Nazarov, Pierre Delcher, Konstantin Sapronov

How exactly can indicators of compromise help information security specialists in their everyday work? To find the answer we asked three Kaspersky experts to share their experience. Continue reading Indicators of compromise (IOCs): how we collect and use them→