How quickly a year passes. 2023 was Corelight’s first year participating in the Black Hat Network Operations Center (NOC). It was a tremendous opportunity and responsibility in which we collaborated with teams from Cisco, Palo Alto Networks, Arista, Lumen, and NetWitness to keep events in Asia, Europe, and the US safe and functional for all attendees. As we speak, our team is gearing up for a repeat for Black Hat Asia 2024 in Singapore.

According to Cybersecurity Ventures, the cost of cybercrime is expected to surge by 15 percent annually over the next five years, soaring to a staggering $10.5 trillion annually by 2025, up from $3 trillion in 2015. This exponential growth underscores the urgent need for a comprehensive understanding and proactive defense against the myriad of cyber threats looming on the horizon.

Malware often hides communications with its command and control (C2) server over HTTPS. The encryption in HTTPS usually conceals the compromise long enough for the malware to accomplish its goal. This makes detecting malware that uses HTTPS challenging, but once in a while, you will catch a break, as in the case here with AsyncRAT, a Windows remote access tool that has been deployed over the past year to target organizations that manage critical infrastructure in the United States.

Cloud environments are susceptible to a wide variety of cyberattacks, making them difficult to secure. Some cyberattacks are easier to detect than others, so a priority in cloud security is having adequate detection and response systems in place to mitigate them. Unauthorized cryptomining has become a prevalent threat in recent years, especially in cloud environments where it can be harder to detect.

An addition to the A10 Defend suite has arrived. A10 Defend Threat Control, a necessary and proactive DDoS intelligence SaaS platform, is here to establish and amplify your holistic DDoS defense system. Backed by A10’s proprietary “zero-atrophy” data gathering and validation method, Threat Control provides actionable insights and proactively establishes a first layer of defense for your DDoS protection needs.

The demand for innovative threat detection and intelligence approaches is more pressing than ever. One such paradigm-shifting technology gaining prominence is Federated Learning (FL). This emerging concept harnesses the power of collaborative intelligence, allowing disparate entities to pool their insights without compromising sensitive data.