Mass Breaches in the Age of AI
Chris Clements, VP of Solutions Architecture December 12, 2024.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
%term
Analyzing Salt Typhoon: Telecom Attacker
Salt Typhoon is a Chinese-speaking threat actor that the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have tied to a series of attacks that breached and exfiltrated data from several of the world's most prominent telecommunications companies. Trustwave SpiderLabs has created a deep analysis of the threat group Salt Typhoon, detailing the group's history, techniques, tactics, and procedures (TTP), and preferred targets.
Email Threat Hunting with Detection as Code with Michael Robertson
Michael Robertson, Senior Security Analyst at Recon InfoSec, joined us to discuss Email Threat Hunting with Detection as Code.
Securing Infrastructure Access at Scale in Large Enterprises
The complexity and scale of computing infrastructure has exploded in recent years. In larger organizations, managing access, identities, and policies for people and machines to securely access diverse infrastructure resources – such as physical machines and servers, clouds, software apps, services, APIs – is a daunting task. The larger the organization, the more costly and difficult it becomes to wrangle the complexity of this infrastructure in a way that is secure, efficient, and resilient.
Direct Kernel Access: The Risks of ebpf Explained #CyberSecurity #KernelAccess #ebpf
EBPF is a Why direct kernel access through EBPF creates critical vulnerabilities. Insights into security issues like CrowdStrike kernel panics and CIUM exploits. How EBPF is emerging as a key attack vector in modern cybersecurity.
What is Cyber Threat Detection and Response?
To compete in an era of dynamic, multimodal cyberattacks, cybersecurity programs must become multidimensional, capable of simultaneously contending with a wide range of cyber threats. In this post, we explain how your organization can develop such a multipronged approach with a branch of cybersecurity known as cybersecurity threat detection.
Unique approaches to MITRE ATT&CK-make the most of its potential
Cybersecurity frameworks often feel as exciting as tax codes and instruction manuals, useful but not exactly captivating. Yet, the MITRE ATT&CK framework has managed to capture the attention of security professionals worldwide by mapping out adversary tactics, techniques, and procedures (TTPs). Many organizations don’t operationalize MITRE ATT&CK’s potential fully, using the framework in predictable ways. But it doesn’t have to be that way.
27 DDoS-for-Hire Platforms Neutralized in a Worldwide Police Crackdown
Read also: An alleged Scattered Spider member arrested in the US, a Chinese hacker who compromised over 80,000 Sophos firewalls charged, and more.
How Williams Racing Secures Its Global Operations With Zero-Trust Cybersecurity
In the intense arena of Formula 1 racing, every millisecond counts – not just on the track but also in protecting the valuable data that drives success. Williams Racing, a team that has an impressive record in F1 with nine Constructors’ Championships and seven Drivers’ Championships, recently faced a critical challenge: securing sensitive data across a global operation while maintaining the lightning-fast access their team needs to compete.
What Is Vishing?
Vishing, also known as voice phishing, occurs when scammers make phone calls to trick you into sharing personal information or sending money. By impersonating legitimate companies and using social engineering tactics, scammers hope to gain your trust and persuade you to share sensitive information, which they can use to commit fraud or identity theft.