Archive for the ‘Threat detection’ Category

How to Spot Your Biggest Security Threat? Just Look out for the Humans

As it turns out, it’s not some AI-powered machine learning super virus or pernicious and anonymous cybercrime syndicate. It’s not the latest and greatest in botnets, malware, or spyware either. Sure, these can be scary, and they are worth protecting against. The headlines report the increased volume and velocity of security threats every other day. The […]

Leave a Comment

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles can allow hackers to remotely hack them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 million vehicles. An attacker can […]

Leave a Comment

Russia-linked APT29 relies on Google Drive, Dropbox to evade detection

Russia-linked threat actors APT29 are using the Google Drive cloud storage service to evade detection. Palo Alto Networks researchers reported that the Russia-linked APT29 group, tracked by the researchers as Cloaked Ursa, started using the Google Drive cloud storage service to evade detection. The Russia-linked APT29 group (aka SVR, Cozy Bear, and The Dukes) has been active since at least 2014, along […]

Leave a Comment

ENISA released the Threat Landscape Methodology

I’m proud to announce that the European Union Agency for Cybersecurity, ENISA, has released the Threat Landscape Methodology. Policy makers, risk managers and information security practitioners need up-to-date and accurate information on the current threat landscape, supported by threat intelligence. The EU Agency for Cybersecurity (ENISA) Threat Landscape report has been published on an annual […]

Leave a Comment

What Security Engineers Hate About SIEM

SIEM Satisfaction is Mediocre When CISOs, CIOs, CTOs, security engineers, security analysts and security architects were asked to rank the primary capabilities of a traditional SIEM according to how satisfied they were with those capabilities, an interesting picture emerged. The survey results indicated that every primary capability of traditional SIEM solutions, at best, only somewhat […]

Leave a Comment

BEC scammers impersonate CEOs on virtual meeting platforms

The FBI warned US organizations and individuals are being increasingly targeted in BECattacks on virtual meeting platforms The Federal Bureau of Investigation (FBI) warned this week that US organizations and individuals are being increasingly targeted in BEC (business email compromise) attacks on virtual meeting platforms. Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both […]

Leave a Comment

Open-source Threat Intelligence Feeds

Table of Contents InfraGard DHS CISA Automated Indicator Sharing Abuse.ch AlienVault COVID-19 Cyber Threat Coalition Feeds BlockList.de Phishtank Verified Online Url Feeds Proofpoint Emerging Threats Rules The CINS Score SANS Internet Storm Center VirusTotal Cisco Talos Intelligence The Spamhaus Project VirusShare Malware Repository Google Safe Browsing Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on […]

Leave a Comment

Threat actors abuse public cloud services to spread multiple RATs

Threat actors are actively exploiting public cloud services from Amazon and Microsoft to spread RATs such as Nanocore, Netwire, and AsyncRAT used to steal sensitive information from compromised systems. The malware campaign was spotted by Cisco Talos in October 2021, most of the victims were located in the United States, Italy and Singapore. Threat actors leverages cloud services like […]

Leave a Comment

External attackers can penetrate most local company networks

These are the results of a new research report by Positive Technologies, analyzing results of the company’s penetration testing projects carried out in the second half of 2020 and first half of 2021. The study was conducted among financial organizations (29%), fuel and energy organizations (18%), government (16%), industrial (16%), IT companies (13%), and other sectors. During […]

Leave a Comment

Threat actors are abusing MSBuild to implant Cobalt Strike Beacons

Security expert from Morphus Labs recently observed several malicious campaigns abusing Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised machines. MSBuild is a free and open-source build toolset for managed code as well as native C++ code and was part of .NET Framework. It is used for building apps and gives users […]

Leave a Comment

SANS 2021 Top New Attacks and Threat Report

SANS 2021 Top New Attacks and Threat Report Download System Security Threats | Computer Science Posters

Leave a Comment

2022 and the threat landscape: The top 5 future cybersecurity challenges

2022 is going to be a year of building greater resiliency and integrating this into all aspects of business operations. This will require organizations of all levels to review how they are responding to a larger scale of sophisticated threats. To build on the efforts of 2021, CISOs need to address how they can implement […]

Leave a Comment

XDR Defined: Giving Meaning To Extended Detection And Response

The term “extended detection and response” (or XDR) was coined back in 2018, but definitions continue to vary significantly (see one, two, or three, and tell me what XDR actually is -:). There was no reliable, unbiased explanation for what XDR is and how it differs from a security analytics platform, which has led to confusion and disregard from clients who dismiss it as nothing more than yet […]

Leave a Comment

The FBI Is Now Securing Networks Without Their Owners’ Permission

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities […]

Leave a Comment

FireEye: 650 new threat groups were tracked in 2020

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020 FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 […]

Leave a Comment

Facebook’s ‘Red Team’ Hacks Its Own AI Programs

Attackers increasingly try to confuse and bypass machine-learning systems. So the companies that deploy them are getting creative. Source: Facebook’s ‘Red Team’ Hacks Its Own AI Programs

Leave a Comment

Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet

Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away. Source: Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet Download a Security Risk Assessment steps paper! Download a vCISO template Subscribe to DISC InfoSec blog by […]

Leave a Comment

Threat Simulation Overview and Setup – Active Countermeasures

Intro: No software project is complete without testing. In this blog series, we’ll cover how to test if your Threat Hunting platform can detect common threats.[…] Source: Threat Simulation Overview and Setup – Active Countermeasures Why You Need Threat Hunting! Cyber Threat Hunting: Identify and Hunt Down Intruders Real-Time Threat Hunting – SANS Threat Hunting […]

Leave a Comment

Global Threat Detection Report

2019 Global Threat Detection Report 2019 Global Threat Detection Report via CrowdStrike The best practice guide for an effective infoSec function Practice Guide Open a PDF file 2019 Global Threat Detection Report. 2019 Global Threat Report- The 1-10-60 Rule World Economic Forum Global Risks Report 2019 “Threat Detection & Prevention” appliances Subscribe to DISC InfoSec […]

Leave a Comment