Dec 06 2021

2022 and the threat landscape: The top 5 future cybersecurity challenges

2022 is going to be a year of building greater resiliency and integrating this into all aspects of business operations. This will require organizations of all levels to review how they are responding to a larger scale of sophisticated threats. To build on the efforts of 2021, CISOs need to address how they can implement innovation into their business without making themselves more vulnerable to damaging attacks.

There are five big trends that I see defining the market in 2022 that security professionals should pay attention to:

1. The rise of the “assume-breach” mindset

Zero trust applies the principle of fundamentally not trusting anything on or off your network and deploys an “assume-breach” mindset.

2. Innovation and new risk in 5G

3. Customization, personalization and getting personal with phishing tactics

4. Hackers will go for gold at the Beijing Olympics

5. The enterprise API ecosystem will show its vulnerabilities

The Ransomware Threat Landscape: Prepare for, recognize and survive ransomware attacks

Tags: threat landscape


May 05 2021

XDR Defined: Giving Meaning To Extended Detection And Response

Category: Threat detection | DISC @ 9:05 am

The term “extended detection and response” (or XDR) was coined back in 2018, but definitions continue to vary significantly (see one, two, or three, and tell me what XDR actually is -:). There was no reliable, unbiased explanation for what XDR is and how it differs from a security analytics platform, which has led to confusion and disregard from clients who dismiss it as nothing more than yet another cybersecurity marketing buzzword.

What Is Extended Detection And Response (XDR)?

Tags: XDR


Apr 14 2021

The FBI Is Now Securing Networks Without Their Owners’ Permission

Category: Cyber Threats, Threat detection, Threat Modeling | DISC @ 10:30 am

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities were patched, the shell would remain until the network operators removed it.

Now, months later, many of those shells are still in place. And they’re being used by criminal hackers as well.

On Tuesday, the FBI announced that it successfully received a court order to remove “hundreds” of these web shells from networks in the US.

Tags: Securing Networks


Apr 14 2021

FireEye: 650 new threat groups were tracked in 2020

Category: Cyber Threats, Threat detection, Threat Modeling | DISC @ 10:09 am

FireEye published its M-Trend 2021 report, based on the data collected during its investigations; 650 new threat groups were tracked in 2020.

FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during its investigations of security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 were initially detected by the victims, a figure that is an improvement of 12% from 2019.

Since its launch, Mandiant has tracked more than 2,400 threat groups, 650 of which were tracked in 2020. Over the years, the experts combined or eliminated approximately 500 groups, leaving more than 1,900 distinct groups tracked at this time (+100 compared to 2019).

The threat actors tracked by Mandiant include nation-state actors, financially motivated groups, and uncategorized groups (known as UNCs).

“In 2020, Mandiant experts investigated intrusions that involved 246 distinct threat groups. Organizations faced intrusions by four named financial threat (FIN) groups; six named advanced persistent threat (APT) groups, including groups from the nation-states of China, Iran and Vietnam; and 236 uncategorized threat (UNC) groups. Of the 246 threat groups observed at intrusion clients, 161 of these threat groups were newly tracked threat groups in 2020.” reads the report published by FireEye.

The Cyber Threat

Tags: new threat groups were tracked


Jul 27 2020

Facebook’s ‘Red Team’ Hacks Its Own AI Programs

Category: Hacking, Threat detection, Threat Modeling | DISC @ 1:20 pm

Attackers increasingly try to confuse and bypass machine-learning systems. So the companies that deploy them are getting creative.

Source: Facebook’s ‘Red Team’ Hacks Its Own AI Programs




Tags: AI Programs, Facebook security, Facebook InfoSec, Red team


Jun 13 2020

Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet

Category: Cyber Espionage, Cyber Threats, Threat detection | DISC @ 12:13 pm

Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away.

Source: Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet






Mar 25 2020

Threat Simulation Overview and Setup – Active Countermeasures

Category: Cyber Threats, Threat detection, Threat Modeling | DISC @ 11:50 am

Intro: No software project is complete without testing. In this blog series, we’ll cover how to test if your Threat Hunting platform can detect common threats.

Source: Threat Simulation Overview and Setup – Active Countermeasures

Why You Need Threat Hunting!
https://www.youtube.com/watch?v=sKQHJhd-YWE

Cyber Threat Hunting: Identify and Hunt Down Intruders
https://www.youtube.com/watch?v=60pyxA0U9EQ

Real-Time Threat Hunting – SANS Threat Hunting & Incident Response Summit 2017
https://www.youtube.com/watch?v=TTbZd0he94U

Detecting Malware Beacons with Zeek and RITA
https://www.youtube.com/watch?v=eETUi-AZYgc










Dec 15 2019

Global Threat Detection Report

Category: Cyber Threats, Threat detection | DISC @ 1:22 pm



2019 Global Threat Detection Report


via CrowdStrike






Open a PDF file 2019 Global Threat Detection Report.




2019 Global Threat Report: The 1-10-60 Rule
https://www.youtube.com/watch?v=y70R2vUbvls

World Economic Forum Global Risks Report 2019
https://www.youtube.com/watch?v=kwQMsBWd-jo


“Threat Detection & Prevention” appliances








