As technical director of the Attack Investigations Team at Symantec, a division of Broadcom, Eric Chien has access to intelligence and telemetry on the latest attack trends. He shares insights on supply chain attacks and more - and discusses how defenders can raise their game in response.
He's been a police officer, a Secret Service agent, a CIO and a CISO. And it all comes together. Don Cox, currently a chief technology evangelist at CIBR, discusses his career path and how his police background assists him in leading cybersecurity organizations.
Investigations are a key part of the analyst workflow. Analysts must be able to answer important questions such as “Was this a successful attack? Is it spreading?”, usually through creating an incident timeline. This step often requires an analyst to manually collect and correlate evidence across disparate tools,...
He’s been an Air Force general, a CEO and the first federal CISO. Now Gregory Touhill is taking charge as director of the Carnegie Mellon University Software Engineering Institute's CERT Division. And he’s bringing all his past experience to bear in a new effort to forge partnerships and protections.
Apple has patched a zero-day flaw in macOS 11.3 that attackers have been exploiting since at least January to install advertising software on victims' systems. The flaw enables a malicious script to be deployed that bypasses Notarization, Gatekeeper and File Quarantine security defenses.
Dan Kaminsky, a renowned security researcher, died last week at age 42. He gained cybersecurity fame in 2008 after discovering and helping to coordinate a patch for a massive security flaw in the internet's Domain Name System.
The FBI and CISA are warning of continued cyberthreats stemming from Russia's Foreign Intelligence Service, or SVR, which the Biden administration formally accused of carrying out the SolarWinds supply chain attack. A joint alert describes how Russian attackers are targeting vulnerable networks.
Researchers at RiskIQ say they've discovered more than a dozen previously undocumented command-and-control servers used in the SolarWinds supply chain attack, showing that the cyberespionage operation was much larger than previously identified.
An advanced persistent threat group gained long-term access to an unnamed entity's network through its Ivanti Pulse Secure VPN and SolarWinds' Orion server and then installed Supernova malware, according to the U.S. Cybersecurity and Infrastructure Security Agency.
While the Biden administration is betting that the latest round of sanctions aimed at Russia and its economy will help deter the country's cyber operations, several U.S. agencies used the sanctions announcement as an opportunity to pull back the curtain on the tactics of Russia's Foreign Intelligence Service.
With more than 2,000 security vendors cataloged and organizations reporting an average of 45 security solutions deployed, why aren’t we any closer to solving the threat detection gap? Mark Alba on Anomali discusses the promise of XDR.
1,778 IT and IT security professionals across North America, Latin America, the UK and Europe responded to a new study by the Ponemon Institute, and their responses deliver a clear message to CISOs.
The study tracks the level of importance placed on security analysts, as well as the state of maturity...
Chad Wolf, the former acting secretary for the Department of Homeland Security, has confirmed the accuracy of an earlier news report saying that the SolarWinds supply chain attackers gained access to his unclassified DHS email accounts, which included calendar details.
Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the new Modern Bank Heists report authored by Tom Kellermann at VMware Carbon Black.
A Texas man is facing a federal charge after he allegedly tried to buy explosives from an undercover FBI agent to bomb an AWS data center in Virginia, according to the Justice Department. The suspect believed the bombing could interrupt 70% of internet traffic, prosecutors say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.