Advanced Persistent Threats

Advanced Persistent Threats news, information, and how-to advice

Injection syringe needle vaccinate
armor knight protect

When your threat intelligence just isn’t producing value you need to pivot

Josh Lefkowitz of Flashpoint shares his experience leading the pivot from threat intelligence to business risk intelligence and explains the enterprise benefit for security leaders

zero days poster

Shall we care about zero-day?

Gartner says that 99% of exploited vulnerabilities are publicly known. Does it mean we can ignore zero-days?

flooded house

Flood of threat intelligence overwhelming for many firms

Three years after Target missed alerts warning them abut a massive data breach, the amount of threat information coming in from security systems is still overwhelming for many companies, due to lack of expertise and integration issues....

hunting orange

It’s hunting season but who’s the prey?

There’s a trend in security operations to work to close the gap between discovering a breach after the damage has been inflicted, and delving deeper into the infrastructure to evaluate the “What/Where/When/How” in an effort to advance...

shamed

Name and shame cybersecurity: a gift for cybercriminals?

Cybersecurity “name and shame” practice may significantly boost global cybercrime.

Cyber security breach attack on monitor with binary code

IT audits must consider the cyber kill chain and much more!

Its not enough to perform an IT audit to achieve compliance alone, Today's threat landscape includes sophisticated APT's, Advanced Persistent Threats, Remote access Trojans and Ransomeware to name a few, In order for an IT audit to...

rich banker cigar money fire greed

Cybersecurity: is it really a question of when, not if?

Can you imagine your banker saying “it’s not a question of if I lose your money, but when will I lose your money”?

security group team circuitry

Cyber incident response: Who does what?

“Who in the government will help me if we face a significant cyber incident?”

wedding rings

How to make mergers and acquistions work

When tech companies "Merge and Purge" their IP, organizations on both sides of the trades can get nervous. Here's one recent deal that could actually mean a better set of solutions for everybody concerned.

ransomware moneybag

Hackers prey on human resources using ransomware

By nature of the data they handle, human resources are a prime target for hackers

Fake attacks by insiders to fool companies

Famous cybercrime groups and hacktivists “brands” may be a smokescreen to cover sophisticated insider attacks.

black hat logo

Black Hat basics: Ruminations on 19 years of Black Hat Briefings

As this is my first venture into the world of blogs for CSO, the timing coincides with one of my favorite summer activities—traveling each August to the American desert, to roast in the Nevada sun, and attend the Black Hat Briefings....

cybersecurity

Digital security officer recruitment challenges and victories on the cyber battlefield

Veteran cybersecurity recruiter and leadership adviser S. A. Spagnuolo, of global executive search firm ZRG Partners, offers greetings to the reading audience, provides a quick primer on his background and sets his agenda going...

unveil disclosure

Defining ransomware and data breach disclosure

Does a ransomware attack cause the “acquisition, access, use or disclosure” of ePHI?” No court decision has yet to address this issue, but expert commentators have taken either side of the argument.

insider threat

9 critical controls for today's threats

Many controls we've used for years can't effectively deal with today's threats. We must extend some and add others to prevent, detect, and respond to emerging threats to our business operations.

lubyanka

In Russia, Internet backdoors you

I do so enjoy these moments where I can craft goofy headlines like that. In this case however, it’s spot on. While the entire world was watching the Brexit tire fire unfold, some news broke in Russia. For a long time I would shake...

pharmacy target

Cyber threats and pharmaceuticals

We must evolve our security strategies with the threat environment and adapt to the dynamic nature of the threat actors themselves, how they operate, and devise our strategies accordingly.

fresh strawberries

Keeping web based intelligence fresh

What is a major threat today could be fixed tomorrow

Load More