Independence with respect to observability means being able to choose the best tools and approaches. Challenges to this independence can come both externally and internally. Vendors, other teams, and budget concerns can restrict your choices and seek to control how you observe your systems. At the same time, different...
How do you get the data out of your infrastructure and applications in order to properly observe, monitor, and secure their running states while minimizing overlap, wasted resources, and cost?
This book introduces you to the concept of observability pipelines, which help slash costs, improve performance, and...
Which adversaries' attack techniques do enterprises need to prioritize? This question was the basis of a research project conducted in part by MITRE and partners such as Fortinet's FortiGuard Labs. Fortinet's Douglas Jose Pereira dos Santos discusses the value of high-resolution threat intelligence.
'Despite an arsenal of point products designed to block malware and threats and warn of vulnerabilities that can be exploited by attackers, it is no longer sufficient to rely on traditional defence techniques. While effective in some areas, these approaches are limited, with one of the most important gaps being the...
Insider risk and data loss prevention (DLP) are a top concern for organisations today. And it makes sense: with a distributed workforce and increasing reliance on technology, legacy on-prem DLP technology hasn’t lived up to its promises. That’s because data loss begins with people, whether careless, compromised...
The bad guys are out there, watching and waiting for an opportunity to strike. They are gathering information about your organisation and users, devising the perfect plan to infiltrate your defences. What if you could see your organisation through the eyes of an attacker?
Attend this webinar to learn:
The...
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
Why didn't Russia unleash major cyberattacks against Ukrainian critical infrastructure ahead of its invasion troop advance? While theories abound, some experts warn that, unfortunately, this war and its cost to human life is only set to get worse.
Fortinet's FortiGuard Labs has released its latest Global Threat Landscape Report, and it portrays adversaries who are increasingly sophisticated and speedy and who are diversifying their attack techniques. Derek Manky explains why organizations need to respond by bolstering the cyber kill chain.
A question that keeps many CISOs awake at night is whether or not to pay in a ransomware attack. In a vacuum, the guidance to withhold payment makes total sense. We don’t want to negotiate with criminals. But when you need to get your business back online, a cost/benefit analysis takes effect, and a company will...
CISA and the FBI issued a joint advisory pointing to Russian state-sponsored activity using WhisperGate and HermeticWiper malware to target Ukrainian organizations. CISA also updated the Shields Up webpage to include new recommendations for corporate leaders and actions to protect critical assets.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
Employees with too much access can pose an insider threat. When employees have access to more than they need to do their job, there are more opportunities for mistakes, whether accidental or not. Lack of accountability means you don’t know who did what, when. If too many people have the same level of access and...
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which - since at least 2017 - has consistently used more than a dozen remote access Trojans to control compromised machines, according to a report from Proofpoint.