Threat Detection

By Tarik Saleh, Senior Security Engineer at DomainTools Advanced Persistent Threats are long term patterns of network exploitation that go undetected for extended periods of time and are usually aimed at high profile targets such as governments, higher education institutions, political activists, and companies. They are often motivated by economic, political, and financial reasons, and the attacks tend to be highly targeted, resourceful, and risk tolerant.   The typical APT involves several phases:   Infiltration/Initial compromise:  This...

Mitek (NASDAQ: MITK, www.miteksystems.com) has today announced that Ajax Amsterdam, one of Europe's premier football clubs, will be using Mitek's Mobile Verify® with Face Comparison solution to improve online experience and bolster security for fans.  Putting fan enjoyment and safety at the heart of everything they do, Ajax is committed to verifying the identities of ticket buyers. The hurdles, complying with GDPR while maintaining paper copies of fans' ID documents, was becoming an unachievable task.  The...

PerimeterX, the company that protects the world’s largest and most reputable websites and mobile applications from malicious activities, today released “Third-Party Code: The Hidden Risk in Your Website,” a survey of security professionals that underscores the lack of awareness people have about vulnerabilities in third-party client-side scripts and the unaddressed threats that can result. Industry estimates state that the typical website is comprised of approximately 70 percent third-party code. The survey found that while almost...

Securonix, Inc., a leader in modern SIEM, announced an analytics and threat hunting content package that leverages the MITRE ATT&CK framework as a standard for predicting, detecting and investigating advanced cyber threats. The updated content includes 350+ use cases that are mapped to 100+ MITRE ATT&CK and PRE-ATT&CK techniques. The content will be integrated into the Securonix threat library version 6.3 for automated delivery and deployment to existing and new customers. Cyber security today is...

Research from Gurucul has uncovered 74 per cent of companies are being driven to actively take steps to mitigate security risks posed by third party vendors following recent breaches. The study also found that Managed Service Providers (MSPs) are the biggest third-party concern amongst IT security professionals, ahead of systems integrators and developers. Gartner has recently predicted that managed and subscription-based security services will account for half of all cyber-security spending by 2020, highlighting the...

With this latest integration, joint customers can now leverage the Flashpoint API to import Finished Intelligence reports, Risk Intelligence Observables (RIOs), and Technical Indicators into ThreatConnect. The ThreatConnect Platform provides a central place for users to see and analyse their team’s threat intelligence and then take well-informed, decisive action. The Flashpoint API grants users access to intelligence reports, technical data, and uniquely sourced conversations from illicit threat communities. Vice President of Product at ThreatConnect, Andy...

Kaspersky researchers detected 16,017 new ransomware modifications in Q2 2019 – including ones belonging to eight new malware families. This is more than double the number of new samples detected a year ago, in Q2 2018 (7,620). The Kaspersky IT Threat Evolution Q2 2019 report also highlights that more than 230,000 users were attacked during the quarter, along with other key findings. A Trojan-Ransom can be equally successful in both private and corporate attacks, as...

The misuse of legitimate security tools by criminals and state-sponsored actors has been a dilemma for close to two decades. Penetration-testing software and red-teaming frameworks were built for the purpose of testing the defences of enterprise networks, but that hasn’t stopped individuals and collectives with malicious intent from pirating or hacking these tools and using them to nefarious ends. Cobalt Strike is one such tool that is being widely abused, and if your organisation has...

Now security operations centers (SOC) and managed security service providers (MSSPs) can benefit from a comprehensive solution including detection, investigation, and automated response that delivers significant boosts in effectiveness and productivity. Despite the intuitive coupling of automated response with advanced, machine-learning detection, the SOAR (security, orchestration, automated response) solutions available on the market typically fall short of offering both functionalities. “Talk about scaling the SOC often seems to involve a connected series of fools’ errands,”...

Forescout Technologies, Inc. (NASDAQ: FSCT), the leader in device visibility and control, today announced its continued investment in OT security with the release of SilentDefense 4.0. Building on one of the most advanced and mature OT network monitoring and intelligence platform, Forescout’s latest enhancements will provide enterprises with improved productivity, lower risk profiles and faster mitigation of threats. “The convergence of IT and OT is increasing the complexity and vulnerability of previously isolated ICS networks,”...