Category Archives: threat hunting

What Are the Biggest Phishing Trends Today?

Posted on by

According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing was used in 41% of the attacks that X-Force remediated in 2021. That’s a 33% […]

The post What Are the Biggest Phishing Trends Today? appeared first on Security Intelligence.

Continue reading What Are the Biggest Phishing Trends Today?

Building the CASE for the Vehicle Security Operations Center

Posted on by

This post was written with contributions from IBM Security’s Rob Dyson, Preston Futrell and Brett Drummond. Let’s explore a day in the life of a vehicle security operations center (VSOC). An autonomous vehicle is transporting passengers to their destination. Inside the vehicle, they are patiently waiting to arrive at their destination and, in the meantime, […]

The post Building the CASE for the Vehicle Security Operations Center appeared first on Security Intelligence.

Continue reading Building the CASE for the Vehicle Security Operations Center

The evolving role of the lawyer in cybersecurity

Posted on by

Cybersecurity is one of the most dynamic fields of law. Long gone are the days when organizations could rely entirely on defensive measures within their own environments for protection: effective threat intelligence and threat hunting programs can take… Continue reading The evolving role of the lawyer in cybersecurity

What Online Gaming Cheats Teach Us About Cybersecurity

Posted on by

When you play a video game, you probably want to win, or at least show off real skill. Cheaters make it a lot less fun, according to a recent Irdeto Global Gaming Survey. It says 60% of all online video game players across the globe have had their gaming time negatively impacted by cheaters. These […]

The post What Online Gaming Cheats Teach Us About Cybersecurity appeared first on Security Intelligence.

Continue reading What Online Gaming Cheats Teach Us About Cybersecurity

CVE 2022-22965 (Spring4Shell) Vulnerability

Posted on by

On March 29, 2022, a security researcher with the handle p1n93r disclosed a Spring Framework remote code execution (RCE) vulnerability, which was archived by vx-underground. This vulnerability, known as Spring4Shell, affects applications that use JDK v9 or above that run Apache Tomcat as the Servlet Container in a WAR package and use dependencies of the…

The post CVE 2022-22965 (Spring4Shell) Vulnerability appeared first on TrustedSec.

Continue reading CVE 2022-22965 (Spring4Shell) Vulnerability

Simplifying Your Operational Threat Hunt Planning

Posted on by

Opening Hopefully you all were able to read our recent Threat Hunting whitepaper and had the chance to listen to our latest Threat Hunting webinar. These references should be used as the foundation of information, which leads us into the next journey: how to build out your first Threat Hunt. Building out an organization’s Threat…

The post Simplifying Your Operational Threat Hunt Planning appeared first on TrustedSec.

Continue reading Simplifying Your Operational Threat Hunt Planning

TrustedSec Okta Breach Recommendations

Posted on by

TrustedSec’s Incident Response Team sent urgent communications to all IR retainer clients after the discovery of the compromise of Okta. Below are the recommendations provided with additional updates after reviewing more information on 03/23/2022. On March 22, 2022, the threat group LAPSUS$ announced a successful compromise of Okta, a heavily used identity and access management…

The post TrustedSec Okta Breach Recommendations appeared first on TrustedSec.

Continue reading TrustedSec Okta Breach Recommendations

Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene

Posted on by

Every day, new challenges, attacks, and vulnerabilities are publicized. Just as attackers and the threat landscape are constantly changing, adapting, and evolving, so too must the Blue Teams and defenders who protect organizations against these threats. While the old adage may have been that attacks are rare and unlikely to happen, a new mentality of…

The post Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene appeared first on TrustedSec.

Continue reading Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene

Expert Insights: What’s Next for Ransomware?

Posted on by

Last year, many organizations stopped talking about when the workforce would be back full-time in the office. Instead, they focused on how we build a hybrid work model for the future. 2021 was active and interesting – for lack of a better word. There’s a lot to say in terms of cyber crime in general […]

The post Expert Insights: What’s Next for Ransomware? appeared first on Security Intelligence.

Continue reading Expert Insights: What’s Next for Ransomware?

Are separate SIEMs for threat hunting a good idea?

Posted on by

In this interview with Help Net Security, Brian Dye, CEO at Corelight, talks about the trend of creating separate SIEMs for threat hunting and why this is not achieveable for all organizations. We are seeing companies establishing separate SIEMs for th… Continue reading Are separate SIEMs for threat hunting a good idea?