A nation-state sponsored espionage campaign dubbed "Sea Turtle" has been manipulating the domain name system to target more than 40 organizations, including intelligence agencies - especially in North Africa and the Middle East, Cisco Talos warns. Experts say defenses against DNS hijacking lag.
A common complaint among threat intelligence analysts is the near impossibility of searching global
threat intelligence feeds to find the specific threat and vulnerability information that matters to their
organization.
The underlying problem here is the lack of visibility across all internal files and objects....
Over the past year, cyber defenders have seen a high level of innovation from cybercriminals, who are leveraging new tactics, techniques and procedures (TTPs) to maintain persistence and counter incident response efforts.
To better determine how cybercriminals are hiding behind invisibility cloaks to remain...
Charles Henderson, global managing partner for IBM X-Force Red, reviews some of the top new cybersecurity threats to organizations discovered by his team.
The information provided in a domain name system is far deeper than just those transactions that take place. A DNS provides much more granular information around some security risks, although CISOs tend to overlook this information, says Stuart Reed of Nominet.
Netscout is out with its latest threat report, and the research offers some startling new insights into DDoS, advanced threats and the commercialization of cybercrime. Hardik Modi offers analysis.
How confident are organizations in their ability to prevent targeted attacks? And to what extent have post-breach detection measures been employed to root out advanced threats that have by-passed traditional preventative defenses?
Fidelis conducted a study of 582 security professionals to evaluate the adoption of...
CenturyLink has opened Black Lotus Labs, which focuses on threat research used to share information with customers as well as initiate takedowns of networks used to support cybercrime activities, says Peter Brecl, a director at the company.
Given the unsustainability of the status quo, it's a question worth considering.
Technology constantly advances. Businesses now leverage the cloud, mobility, AI, IoT, and blockchain
in ways that were once unthinkable. So no one can credibly claim that the same technologies they used
to empower their business a few...
Threat hunting is a critical but labor-intensive task for security analysts. But automation can provide significant advantages, says Steven Grossman of Bay Dynamics.
Multi-stage attacks use diverse and distributed methods to circumvent existing defenses and evade detection - spanning endpoints, networks, email and other vectors in an attempt to land and expand. Meanwhile, individual tools including DLP, EDR, CASBs, email security and advanced threat protection are only designed to...
Every threat hunt starts with intelligence. As one of the industry's most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.
Many security professionals are constantly drowning in alerts across a multitude of security tools. When you can't see what is happening on your endpoints, investigating an alert can feel like you're running blindfolded. Often, these professionals don't have the visibility or data to prioritize alerts or make...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
