The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.
Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.
The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.
Expel receives highest possible score in 14 criteria
This report is a guide for buyers considering Managed Detection and Response providers. Forrester analysts follow a publicly available methodology. Download the report to learn:
How Expel stacks up: The Wave™ ranks Expel alongside the 14 other...
Security practitioners often tread a fine and not entirely well-defined legal line in collecting current and meaningful research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area.
The SolarWinds supply chain attack demonstrates that Russian intelligence services have learned from previous operations and adjusted their tactics, says Dmitri Alperovitch, the former CTO of security firm CrowdStrike, which investigated Russian interference in the 2016 election.
Criminals operating online continue to tap ransomware in their pursuit of an illicit payday. That was the cybercrime reality throughout 2020, and unfortunately it still appears to be holding true in the first months of this year, the Cisco Talos Incident Response team reports.
Whether accidental or malicious, insider incidents can result in financial fraud, privacy abuses, intellectual property theft, or damage to infrastructure. It’s difficult for security pros to detect this suspicious activity because insiders need to have privileged access to data to do their jobs. Since insiders are...
Swiss cybersecurity firm Prodaft says it has accessed several servers used by an advanced persistent threat group tied to the SolarWinds supply chain attack. These attackers continue to target large corporations and public institutions worldwide, with a focus on the U.S. and the European Union, the researchers say.
Enterprises generally have a good grasp on gathering and operationalizing threat intelligence. But when it comes to the midmarket, there are unique challenges. Neal Dennis of Cyware Labs tells how to overcome these obstacles and achieve value from a threat intel platform.
Email security vendor Mimecast, which was targeted by the SolarWinds supply chain hack in January, reports in a Tuesday update that the hackers used the "Sunburst" backdoor as an initial attack vector to steal some source code. But Mimecast says it "found no evidence of any modifications" to that code.