Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat Detection

Arctic Wolf

What Is EDR Security?

Jul 26, 2024 By Arctic Wolf In Arctic Wolf
Back in 2013, Gartner’s Anton Chuvakin set out to name a new set of security solutions to detect suspicious activity on endpoints. After what he called, “a long agonizing process that involved plenty of conversations with vendors, enterprises, and other analysts,” Chuvakin came up with this phrase: endpoint threat detection and response.
Read Post
salt security

Detecting API Threats In Real Time

Jul 23, 2024 By Eric Schwake In Salt Security
The digital economy runs on APIs, the building blocks of the modern internet. From effortless mobile payments to convenient food deliveries, APIs work silently behind the scenes to power the applications we use every day. While APIs aren't new, their usage has exploded in recent years. Cloud computing, agile development practices, and the pandemic-driven surge in digital services have fueled this rapid growth.
Read Post
Corelight

Corelight recognized for SaaS and Cloud Identity Applications Security in the Gartner Competitive Landscape Report*

Jul 18, 2024 By Corelight In Corelight
The cybersecurity landscape is evolving, and Network Detection and Response (NDR) solutions are becoming indispensable for consistent visibility across an increasing attack surface.
Read Post
Corelight

Understanding the Latest Threat Landscape: Insights from Mandiant M-Trends

Jul 18, 2024 By Allen Marin In Corelight
In the constantly evolving world of cybersecurity, staying ahead of emerging threats requires continuous vigilance and adaptation. Fortunately for those of us in the industry, we’ve been able to count on highly respected digital forensics and incident response specialists like Mandiant to publish annual research on the latest security trends seen first-hand by their global teams.
Read Post
splunk

Introducing ShellSweepPlus: Open-Source Web Shell Detection

Jul 10, 2024 By Michael Haag In Splunk
Today, the Splunk Threat Research Team is thrilled to introduce ShellSweepPlus, an advancement in our ongoing mission to combat the persistent threat of web shells. Building upon the solid foundation of its predecessor ShellSweep, ShellSweepPlus is an enhanced version that takes web shell detection to new heights, incorporating cutting-edge techniques and a multifaceted approach to safeguard your web environments.
Read Post
Corelight

Black Hat NOC: Zero Trust...but Verify | Corelight

Jul 8, 2024 By Mark Overholser In Corelight
The Black Hat network is unlike an enterprise network. The network operations center (NOC), which Corelight helps to operate, sees traffic that would never be permissible on most enterprise networks. Still, in many ways the Black Hat network is a microcosm of many real-world environments, with similar challenges that require similar solutions.
Read Post
Corelight

Detecting The Agent Tesla Malware Family

Jul 2, 2024 By Keith J. Jones In Corelight
Welcome to the latest from Corelight Labs! This blog continues our tradition of picking a popular malware family from Any.Run and writing a detector for it! Trending consistently at #1 on Any.Run’s malware trends list, Agent Tesla uses multiple protocols to communicate with its C2 infrastructure, making it more difficult to detect robustly than a malware sample utilizing only one network protocol for its C2.
Read Post

GrimResource: Arbitrary Code Execution via Malicious MSC file | Threat SnapShot

Jun 30, 2024 By SnapAttack In SnapAttack
Discover how to detect the GrimResource attack, a novel code execution technique leveraging Microsoft Management Console (MMC) files. This threat snapshot video breaks down Elastic Security Labs' research on this stealthy initial access vector that evades common defenses. Key points covered: Learn practical steps to protect your systems against this emerging threat. *Subscribe to SnapAttack for more in-depth analyses and real-world applications of cybersecurity defenses.*
View Video
indusface

10 Botnet Detection and Removal Best Practices

Jun 28, 2024 By Venkatesh Sundar In Indusface
If your device suddenly behaves like a re-animated zombie, it might be under a botnet attack. Botnet attacks, also known as zombie armies, involve hijacking internet-connected devices infected with malware, controlled remotely by a single hacker. These attacks can reach immense scales, as demonstrated by an incident where 1.5 million connected cameras were exploited to overwhelm and take down a journalist’s website.
Read Post
CrowdStrike

Seeing the Unseen: Preventing Breaches by Spotting Malicious Browser Extensions

Jun 27, 2024 By Bei Wang - Hari Holla - Keyauri Kendrick - Kamil Imtiaz In CrowdStrike
As workforce productivity increasingly depends on web-based applications, browsers have become essential gateways to the “connectivity economy.” According to recent data, 93% of desktop internet traffic in 2023 traversed through four popular web browsers.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.