[SANS ISC] Do you collect “Observables” or “IOCs”?

I published the following diary on isc.sans.edu: “Do you collect “Observables” or “IOCs”?”: Indicators of Compromise, or IOCs, are key elements in blue team activities. IOCs are mainly small pieces of technical information that have been collected during investigations, threat hunting activities or malware analysis. About the last example, the malware analyst’s goal

The post [SANS ISC] Do you collect “Observables” or “IOCs”? appeared first on /dev/random.
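
As an added example (not code from the SANS ISC diary or the /dev/random post), the script below takes the kind of raw values a malware analysis or investigation produces and promotes each one to an IOC only when it carries context: the case it came from, the behaviour it was observed in, and when. Values that are not actionable (RFC 1918 addresses, digests of empty input, strings that are not observables at all) stay in the case notes as bare observables. The STIX 2.1 pattern syntax is real; the sample values, the case identifier, the behaviour string and the noise filters are assumptions made for this example.

```python
"""Promote collected observables to IOCs, keeping the ones without context as observables only.

Added example: the sample values and the 'case / behaviour / first_seen' context
fields are constructed; the STIX 2.1 pattern syntax is the real one.
"""
import ipaddress
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple

# Hex digest length -> STIX 2.1 hash key used in  file:hashes.'<KEY>'  patterns.
HASH_KEYS = {32: "MD5", 40: "SHA-1", 64: "SHA-256"}
HEX_RE = re.compile(r"^[0-9a-f]+$")
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")  # one DNS label

# Digests of the empty input: they show up in every sandbox run and block nothing useful.
KNOWN_BENIGN_HASHES = {
    "d41d8cd98f00b204e9800998ecf8427e",                                   # MD5("")
    "da39a3ee5e6b4b0d3255bfef95601890afd80709",                           # SHA-1("")
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",   # SHA-256("")
}

# Addresses that only mean something inside the victim's own network. Documentation
# ranges (198.51.100.0/24 etc.) are deliberately NOT listed so the sample below runs.
NOISE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10",
)]


@dataclass(frozen=True)
class Indicator:
    """An observable promoted to an IOC: the raw value plus the context that makes it actionable."""
    observable: str
    pattern: str      # STIX 2.1 pattern, e.g. [ipv4-addr:value = '198.51.100.23']
    case_id: str      # investigation, hunt or malware sample it came from (assumed field)
    behaviour: str    # what the artefact was seen doing (assumed field)
    first_seen: str   # ISO 8601, UTC


def refang(value: str) -> str:
    """Undo the defanging used in reports ('198.51.100[.]23') so the value can be validated."""
    return value.strip().lower().replace("[.]", ".").replace("(.)", ".")


def classify(value: str) -> Optional[Tuple[str, str]]:
    """Return (STIX object path, normalised value) for a bare observable, or None if unrecognised."""
    v = refang(value)
    try:
        ip = ipaddress.ip_address(v)
        return (f"ipv{ip.version}-addr:value", str(ip))
    except ValueError:
        pass
    if HEX_RE.match(v) and len(v) in HASH_KEYS:
        return (f"file:hashes.'{HASH_KEYS[len(v)]}'", v)
    labels = v.split(".")
    if len(labels) >= 2 and all(LABEL_RE.match(l) for l in labels) and not labels[-1].isdigit():
        return ("domain-name:value", v)
    return None


def to_indicator(value: str, case_id: str, behaviour: str,
                 first_seen: datetime) -> Tuple[Optional[Indicator], str]:
    """Promote one observable to an IOC, or return (None, reason) explaining why it stays an observable."""
    if not (case_id and behaviour):
        return None, "no context: an observable without a case and an observed behaviour is not an IOC"
    classified = classify(value)
    if classified is None:
        return None, "unrecognised observable type"
    path, v = classified
    if path.startswith("ipv") and any(ipaddress.ip_address(v) in net for net in NOISE_NETS):
        return None, "private/loopback/link-local address: meaningless outside the victim network"
    if path.startswith("file:") and v in KNOWN_BENIGN_HASHES:
        return None, "digest of empty input: would fire everywhere and block nothing"
    ts = first_seen.astimezone(timezone.utc).isoformat()
    return Indicator(v, f"[{path} = '{v}']", case_id, behaviour, ts), "ok"


def triage(raw: List[str], case_id: str, behaviour: str, first_seen: datetime) -> Dict[str, list]:
    """Split a bag of collected values into shareable IOCs and observables kept only in the case notes."""
    kept, dropped = [], []
    for value in raw:
        ind, reason = to_indicator(value, case_id, behaviour, first_seen)
        (kept.append(ind) if ind is not None else dropped.append((value, reason)))
    return {"indicators": kept, "dropped": dropped}


# Constructed sample: values as they might be pasted out of a malware-analysis report.
SAMPLE_OBSERVABLES = [
    "198.51.100[.]23",            # defanged IPv4 (documentation range, stands in for a C2 address)
    "10.0.0.5",                   # RFC 1918, only meaningful inside the victim network
    "Update.Example-CDN.test",    # mixed-case domain
    "9B8E1F3A4C5D6E7F" * 4,       # constructed 64-hex digest standing in for a dropper's SHA-256
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",  # SHA-256 of empty input
    "not an observable",
]

if __name__ == "__main__":
    result = triage(SAMPLE_OBSERVABLES, "CASE-2022-017", "C2 beacon and dropper seen in sandbox run",
                    datetime(2022, 8, 1, tzinfo=timezone.utc))
    for ind in result["indicators"]:
        print(ind.pattern, "|", ind.case_id, "|", ind.behaviour, "|", ind.first_seen)
    for value, reason in result["dropped"]:
        print("observable only:", value, "->", reason)
```

The point the script makes is that a value on its own is only an observable; it becomes an IOC once it is tied to a case, a behaviour and a time, and only if it would actually be useful to match on elsewhere.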

3 Ways EDR Can Stop Ransomware Attacks

Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack is $4.54 million, without including the cost of the ransom itself. Ransomware breaches also took […]

The post 3 Ways EDR Can Stop Ransomware Attacks appeared first on Security Intelligence.

Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape Access to and retaining skilled security analysts Learning and managing increasingly […]

The post Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM appeared first on Security Intelligence.

Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene—Part 2

In the first Back to Basics blog we discussed cyber hygiene and some fundamental security practices one can take to quickly assess their current cybersecurity posture and identify, prioritize, and mitigate visibility gaps. This post focuses on account management measures and how proactive identification and regulation can drastically elevate your security posture. Routine cyber hygiene…

The post Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene—Part 2 appeared first on TrustedSec.

How IBM Secured the 2022 US Open

Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning to take immediate action. However, with such a large volume and variety of data, security analysts […]

The post How IBM Secured the 2022 US Open appeared first on Security Intelligence.

Product showcase: The Stellar Cyber Open XDR platform

As enterprises find themselves dealing with ever-increasing threats and the boundaries of their organization disappearing, security teams are more challenged than ever to deliver consistent security outcomes across the environment. Stellar Cyber aims t…

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a. “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on […]

The post Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program appeared first on Security Intelligence.

Security Obscurity Versus Ethical Hackers: Who’s Right?

Security breaches can lead to damage to a business’s finances, operations and reputation. What many companies might fear most is the latter: damage to their reputation. This may explain why 65% of organizations want to be seen as infallible, as per a recent HackerOne survey. Meanwhile, 64% maintain a culture of security through obscurity, and […]

The post Security Obscurity Versus Ethical Hackers: Who’s Right? appeared first on Security Intelligence.

What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’

After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations recently in 16 countries, including in Ukraine, as part of a policy set in 2018. This policy involves partnering with foreign countries on finding cyber […]

The post What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’ appeared first on Security Intelligence.

Digital Shadows Weaken Your Attack Surface

Every tweet, text, bank transaction, Google search and DoorDash order is part of your digital shadow. We all have one, and the contents of your shadow aren’t always private. For example, in April 2021 attackers leaked data containing the personal information of over 533 million Facebook users from 106 countries. Sure, you might want your tweet […]

The post Digital Shadows Weaken Your Attack Surface appeared first on Security Intelligence.
