Enterprises generally have a good grasp on gathering and operationalizing threat intelligence. But when it comes to the midmarket, there are unique challenges. Neal Dennis of Cyware Labs tells how to overcome these obstacles and achieve value from a threat intel platform.
Email security vendor Mimecast, which was targeted by the SolarWinds supply chain hack in January, reports in a Tuesday update that the hackers used the "Sunburst" backdoor as an initial attack vector to steal some source code. But Mimecast says it "found no evidence of any modifications" to that code.
An ongoing spear-phishing campaign by the threat group TA800 is distributing a new malware loader based on the Nim programming language that's designed to help avoid detection, according to the cybersecurity company Proofpoint.
Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 APT groups that have been collectively been hitting thousands of companies over the last three months, including prior to when Microsoft was first alerted to the flaws and issued a patch, security researchers warn.
Russian hackers apparently weren't the only ones targeting SolarWinds customers. An attack last year by the Spiral hacking group, believed to be based in China, against one organization used malware that targeted a vulnerability in SolarWinds' Orion software, according to the Secureworks Counter Threat Unit.
It used to be enough to protect the network perimeter, but in recent years, an expanding perimeter has opened the door to threat actors preying on a larger attack surface.
Understanding the evolution of endpoint security and the solutions available to your organization is key to protecting your business in...
In this Total Economic Impact™ (TEI) study of ManagedXDR, Forrester Consulting assesses the cost savings, productivity gains, and business benefits Secureworks users experience.
The study found a potential ROI of 413 percent* over three years for ManagedXDR customers, as well as other quantified and...
Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
As employees connect to servers each morning via VPN to download the valuable corporate data that they need for the day, compliance and security are easily jeopardized. As soon as the employee disconnects from the VPN, corporate oversight goes blind, and compliance can't be maintained.
There are precautions and...
Threat intelligence can be a useful addition to your security toolkit. It
can provide your analysts with information and context they would
not have otherwise. There are many factors to consider, including
where to obtain the intelligence, how to collect it, how to integrate it,
and how much to...
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
Fortinet’s FortiGuard Labs is out with its latest Global Threat Report, this one reflecting on the second half of 2020. No surprise: After the SolarWinds attack, supply chain security takes center stage. But don’t forget about ransomware and the ongoing attacks on new home branch offices.
Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.
Traditional perimeter-based IT security models aren’t well suited for today’s world of cloud services and mobile users. Savvy attackers can breach enterprise networks and fly under the radar for weeks or even months.
Threat actors always find new and innovative ways to penetrate networks, steal data, and disrupt...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
