Category Archives: threat hunting

A Perfect Storm: 7 Reasons Global Attacks Will Soar in 2023

Posted on by

In 2023, the global annual cost of cyber crime is predicted to top $8 trillion, according to a recent Cybersecurity Ventures report. This seemingly enormous figure might still be a major underestimate. In 2021, U.S. financial institutions lost nearly $1.2 billion in costs due to ransomware attacks alone. That was a nearly 200% increase over […]

The post A Perfect Storm: 7 Reasons Global Attacks Will Soar in 2023 appeared first on Security Intelligence.

Continue reading A Perfect Storm: 7 Reasons Global Attacks Will Soar in 2023

To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response

Posted on by

tl;dr Communications are critical during an incident. If you cannot coordinate, collaborate, and inform actions and information about an incident, the incident response will eventually fail. Normally, this isn’t an issue, as organizations have resources like Microsoft 365 email, SharePoint, Slack, and Teams to use to communicate with each other. However, what happens when those…

The post To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response appeared first on TrustedSec.

Continue reading To OOB, or Not to OOB?: Why Out-of-Band Communications are Essential for Incident Response

Beware of What Is Lurking in the Shadows of Your IT

Posted on by

This post was written with contributions from Joseph Lozowski. Comprehensive incident preparedness requires building out and testing response plans that consider the possibility that threats will bypass all security protections. An example of a threat vector that can bypass security protections is “shadow IT” and it is one that organizations must prepare for. Shadow IT […]

The post Beware of What Is Lurking in the Shadows of Your IT appeared first on Security Intelligence.

Continue reading Beware of What Is Lurking in the Shadows of Your IT

Indicators of compromise (IOCs): how we collect and use them

Posted on by

How exactly can indicators of compromise help information security specialists in their everyday work? To find the answer we asked three Kaspersky experts to share their experience. Continue reading Indicators of compromise (IOCs): how we collect and use them

[SANS ISC] Do you collect “Observables” or “IOCs”?

Posted on by

I published the following diary on isc.sans.edu: “Do you collect “Observables” or “IOCs”?“: Indicators of Compromise, or IOCs, are key elements in blue team activities. IOCs are mainly small pieces of technical information that have been collected during investigations, threat hunting activities or malware analysis. About the last example, the malware analyst’s goal

The post [SANS ISC] Do you collect “Observables” or “IOCs”? appeared first on /dev/random.

Continue reading [SANS ISC] Do you collect “Observables” or “IOCs”?

3 Ways EDR Can Stop Ransomware Attacks

Posted on by

Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack is $4.54 million, without including the cost of the ransom itself. Ransomware breaches also took […]

The post 3 Ways EDR Can Stop Ransomware Attacks appeared first on Security Intelligence.

Continue reading 3 Ways EDR Can Stop Ransomware Attacks

Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Posted on by

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape Access to and retaining skilled security analysts Learning and managing increasingly […]

The post Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM appeared first on Security Intelligence.

Continue reading Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene—Part 2

Posted on by

In the first Back to Basics blog we discussed cyber hygiene and some fundamental security practices one can take to quickly assess their current cybersecurity posture and identify, prioritize, and mitigate visibility gaps. This post focuses on account management measures and how proactive identification and regulation can drastically elevate your security posture. Routine cyber hygiene…

The post Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene—Part 2 appeared first on TrustedSec.

Continue reading Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene—Part 2

How IBM Secured the 2022 US Open

Posted on by

Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning to take immediate action. However, with such a large volume and variety of data, security analysts […]

The post How IBM Secured the 2022 US Open appeared first on Security Intelligence.

Continue reading How IBM Secured the 2022 US Open

Product showcase: The Stellar Cyber Open XDR platform

Posted on by

As enterprises find themselves dealing with ever-increasing threats and the boundaries of their organization disappearing, security teams are more challenged than ever to deliver consistent security outcomes across the environment. Stellar Cyber aims t… Continue reading Product showcase: The Stellar Cyber Open XDR platform