Threat Detection

Google Chrome

Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser. Kaspersky has allocated the vulnerability as CVE-2019-13720 and reported it to Google. A patch has been released. Upon review of the PoC provided, Google confirmed that it is a zero-day vulnerability. Zero-day vulnerabilities are previously unknown software bugs that can be exploited by attackers to inflict serious and unexpected damage. The new exploit is used in attacks that leverage a waterhole-style injection in a...

Read more
Robot playing piano

This week’s question: What does automation mean for IT security teams?  What automation primarily means is that teams now have the chance to scale their tasks to meet the needs of the business. Nowadays, given that vulnerabilities are discovered on a daily basis, organisations need tools that can keep track of these weaknesses as these are made public and patches become available.   The great strategic advantage of using an automation tool for vulnerability management is the frequency at which it allows IT...

Read more
Anatomy of an Advanced Persistent Threat

By Tarik Saleh, Senior Security Engineer at DomainTools Advanced Persistent Threats are long term patterns of network exploitation that go undetected for extended periods of time and are usually aimed at high profile targets such as governments, higher education institutions, political activists, and companies. They are often motivated by economic, political, and financial reasons, and the attacks tend to be highly targeted, resourceful, and risk tolerant.   The typical APT involves several phases:   Infiltration/Initial compromise:  This...

Read more
Ajax Amsterdam Flag

Mitek (NASDAQ: MITK, www.miteksystems.com) has today announced that Ajax Amsterdam, one of Europe's premier football clubs, will be using Mitek's Mobile Verify® with Face Comparison solution to improve online experience and bolster security for fans.  Putting fan enjoyment and safety at the heart of everything they do, Ajax is committed to verifying the identities of ticket buyers. The hurdles, complying with GDPR while maintaining paper copies of fans' ID documents, was becoming an unachievable task.  The...

Read more
PerimeterX

PerimeterX, the company that protects the world’s largest and most reputable websites and mobile applications from malicious activities, today released “Third-Party Code: The Hidden Risk in Your Website,” a survey of security professionals that underscores the lack of awareness people have about vulnerabilities in third-party client-side scripts and the unaddressed threats that can result. Industry estimates state that the typical website is comprised of approximately 70 percent third-party code. The survey found that while almost...

Read more
Securonix logo

Securonix, Inc., a leader in modern SIEM, announced an analytics and threat hunting content package that leverages the MITRE ATT&CK framework as a standard for predicting, detecting and investigating advanced cyber threats. The updated content includes 350+ use cases that are mapped to 100+ MITRE ATT&CK and PRE-ATT&CK techniques. The content will be integrated into the Securonix threat library version 6.3 for automated delivery and deployment to existing and new customers. Cyber security today is...

Read more
Insider Threat

Research from Gurucul has uncovered 74 per cent of companies are being driven to actively take steps to mitigate security risks posed by third party vendors following recent breaches. The study also found that Managed Service Providers (MSPs) are the biggest third-party concern amongst IT security professionals, ahead of systems integrators and developers. Gartner has recently predicted that managed and subscription-based security services will account for half of all cyber-security spending by 2020, highlighting the...

Read more
Threatconnect

With this latest integration, joint customers can now leverage the Flashpoint API to import Finished Intelligence reports, Risk Intelligence Observables (RIOs), and Technical Indicators into ThreatConnect. The ThreatConnect Platform provides a central place for users to see and analyse their team’s threat intelligence and then take well-informed, decisive action. The Flashpoint API grants users access to intelligence reports, technical data, and uniquely sourced conversations from illicit threat communities. Vice President of Product at ThreatConnect, Andy...

Read more
Kapersky logo

Kaspersky researchers detected 16,017 new ransomware modifications in Q2 2019 – including ones belonging to eight new malware families. This is more than double the number of new samples detected a year ago, in Q2 2018 (7,620). The Kaspersky IT Threat Evolution Q2 2019 report also highlights that more than 230,000 users were attacked during the quarter, along with other key findings. A Trojan-Ransom can be equally successful in both private and corporate attacks, as...

Read more
Page 1 of 4 1 2 4