One of the most crucial types of information for threat detection and incident response is network flow data, which has several unique properties that can help security analysts uncover attacks.
Researchers believe that a new APT group known as GreyEnergy, which they observed targeting ICS consoles across Poland and Ukraine, may be a successor to BlackEnergy, the group that authored NotPetya.
For the first time ever, researchers discovered a UEFI rootkit in the wild that they believe the Sednit APT group used to execute LoJax malware.
Researchers recently discovered that the number of victims of a unique backdoor developed by advanced threat group Turla is much higher than originally thought.
Threat hunting is a complex and labor-intensive task, but it can go a long way toward helping your organization detect APTs before they can cause damage to the network.
According to recent research, Slingshot APT has victimized nearly 100 organizations since 2012 using kernel-level privileges to load malware and evade detection.
Thanks to their harrowing experience with the Evil Witch, Hansel and Gretel went on to become expert threat hunters to protect the children of the forest.
ATM malware has evolved significantly in three years.
Effective ATM network protection requires a combination of basic and advanced approaches and a strong SIEM solution to monitor anomalous activity.
Nuclear power plants are now being targeted by sophisticated cybercrime groups. Is this the precursor to a full-scale malware meltdown?