Security orchestration, or SOAR - Security Orchestration, Automation and Response, as it is known to some - is still an area in development, so there are misconceptions about its scope of use and effectiveness for a SOC team. Claudio Benavente discusses the top five security orchestration myths.
Microsoft says it has seized control of 65 domains that the ZLoader gang has been using to grow, control and communicate with its botnet. ZLoader, a descendant of the ubiquitous Zeus banking malware, is run by a global, internet-based, organized crime gang operating malware as a service.
A yearlong joint operation by law enforcement agencies across several countries led to the shuttering of darknet marketplace RaidForums and the seizure of three domains hosting the website. Its 21-year-old alleged founder and two unidentified co-conspirators have also been arrested.
In the latest "Proof of Concept," Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP and David Pollino, former CISO at PNC Bank, join Information Security Media Group editors to discuss U.S. regulatory trends and supply chain risk management.
With the rapidly changing threat landscape, protecting your enterprise from breaches and account takeover fraud has never been a bigger challenge. Fraud teams have the challenges of understanding customer identities and human behaviors regardless of how many devices and accounts they use.
In the latest weekly update, editors at Information Security Media Group discuss important cybersecurity issues, including the White House warning about escalated cyberthreats from Russia, the impact of the Russia-Ukraine war on the healthcare sector and why combating SIM swap fraud remains challenging.
Police in London say they've arrested seven people that the BBC reports are tied to the Lapsus$ hacking group, which has claimed responsibility for data breaches involving Okta, Microsoft, Nvidia, Ubisoft and more. The names of the suspects, who are mostly teenagers, have not been released.
The U.S. Department of Justice has indicted a 23-year-old Russian national for operating a cybercriminal marketplace that sold thousands of stolen login credentials, PII and authentication tools, according to U.S. Attorney Brit Featherston of the Eastern District of Texas.
Why didn't Russia unleash major cyberattacks against Ukrainian critical infrastructure ahead of its invasion troop advance? While theories abound, some experts warn that, unfortunately, this war and its cost to human life is only set to get worse.
Anyone trying to make sense of data breach trends faces a transparency challenge. Too often, a lack of detail undercuts consumers' ability to assess their identity theft risk and businesses' ability to block emerging attacks or ensure that their supply chains remain secure.