Security researchers observed TrickBot malware that utilizes a new capability: point-of-sale (POS) data collection.
By understanding the basics of DNS analytics, the common methods of attack and the tools available to security teams, you will be better prepared to protect your enterprise from hidden cyberthreats.
A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.
For companies that want to understand what is happening in their networks but lack malware analysis tools, using what is publicly available could be the difference between an infection and a crisis.
Dwell times for data compromises are still shockingly high. Understand how to detect a breach in your network to improve response and mitigation time.
Security Threat Group Spoofs Login Screens to Gain Unauthorized Access at 76 Universities in 14 Countries
A security threat group called COBALT DICKENS used more than 16 domains and 300 websites to create bogus login screens for 76 different universities in an attack that spanned 14 countries.
Security teams can generate valuable insights about ongoing attacks by using log services and threat intelligence to analyze C&C traffic.
The lifecycle management of indicators is an important element to support decisions and actions against attackers. This process informs the courses of action matrix to build a response plan.
Indicators of compromise are key data points used during an incident response process. Regularly testing the reliability of your indicators can make all the difference in your IT security process.
Before sharing indicators of compromise, analysts must consider the sensitivity of the data and verify the identities of the senders and receivers.