A nation-state sponsored espionage campaign dubbed "Sea Turtle" has been manipulating the domain name system to target more than 40 organizations, including intelligence agencies - especially in North Africa and the Middle East, Cisco Talos warns. Experts say defenses against DNS hijacking lag.
Charles Henderson, global managing partner for IBM X-Force Red, reviews some of the top new cybersecurity threats to organizations discovered by his team.
The information provided in a domain name system is far deeper than just those transactions that take place. A DNS provides much more granular information around some security risks, although CISOs tend to overlook this information, says Stuart Reed of Nominet.
Netscout is out with its latest threat report, and the research offers some startling new insights into DDoS, advanced threats and the commercialization of cybercrime. Hardik Modi offers analysis.
CenturyLink has opened Black Lotus Labs, which focuses on threat research used to share information with customers as well as initiate takedowns of networks used to support cybercrime activities, says Peter Brecl, a director at the company.
Threat hunting is a critical but labor-intensive task for security analysts. But automation can provide significant advantages, says Steven Grossman of Bay Dynamics.
Every threat hunt starts with intelligence. As one of the industry's most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.
The digital revolution has given healthcare organizations new tools to increase team efficiency and improve their customer experience. But it's also opened up new vectors that cybercriminals can use to attack. As your attack surface expands to infrastructure that you don't own or control, becomes increasingly...
Banks in West Africa have been targeted by at least four hacking campaigns since mid-2017, with online attackers wielding commoditized attack tools and "living off the land" tactics to disguise their efforts, Symantec warns.
Threat intelligence sharing is all about trust, speed and context. And yet many enterprise intel programs lack one or more of those qualities. Jon Clay of Trend Micro discusses what it takes to stand up a customized threat intelligence program.
User behavioral analytics can help better detect indicators of potential threats, both external and internal, says Carl Leonard, principal security analyst at Forcepoint.
By building in some risk intelligence upfront, organizations can upgrade their security operations centers and reduce the noise from the sheer volume of alerts and false positives, says Ganesh Prasad of RSA, who shares insights.
Hackers have been plugging inexpensive hardware into banks' local area networks to help perpetrate heists that have stolen tens of millions of dollars, warns Kaspersky Lab. It says that since 2017, the "DarkVishnya" attack campaign has hit at least eight Eastern European banks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.