Advanced Persistent Threats
SolarWinds hack is a wakeup call for taking cybersecurity action
Many questions are yet to be answered as the investigation and response continue, but one thing is clear: managing supply chain risks requires a level of sophistication similar to that of the attackers.
How to prepare for the next SolarWinds-like threat
It is possible to minimize the risk from nation-state attacks like SolarWinds. This is the best advice based on what experts have learned so far.
SolarWinds attack explained: And why it was so hard to detect
A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.
FireEye breach explained: How worried should you be?
The theft of red team tools, allegedly by Russia's Cozy Bear group, poses only a small threat to other organizations. The real lesson: Anyone can be hacked.
TrickBot gets new UEFI attack capability that makes recovery incredibly hard
Researchers discover a new TrickBot module that allows malware to persist even after reformatting or replacing a hard drive.
Mercenary APT group CostaRicto hits organizations worldwide
This hacker-for-hire advanced persistent threat group uses its own custom malware and takes great effort to hide its activity.
Evilnum group targets FinTech firms with new Python-based RAT
The attack hides in Windows systems by impersonating several legitimate programs.
APT-style mercenary groups challenge the threat models of many organizations
APT-for-hire services will broaden the scope of who is vulnerable to that type of attack. Small- and medium-sized companies in particular need to rethink their threat models.
Protecting high-value research data from nation-state attackers
Recent nation-state campaigns to steal COVID-related research data underscore the threat to all research organizations. The best defense starts with knowing the enemy.
How CISOs can best assess geopolitical risk factors
A recent report on Russian-affiliated advanced persistent threats provides a template to help CISOs evaluate risk from nation-state actors.
Chinese hacker group APT41 uses recent exploits to target companies worldwide
APT41 has compromised devices and applications from Cisco, Citrix and Zoho across many industries worldwide at a time when many companies are less able to respond.
How Target evolved its threat hunting program: 3 key steps
Target decided to re-evaluate its successful threat hunting program and found it could do better. This is what they did.
Cybersecurity in 2020: Vigilance and the human element
Todd Inskeep, of Booz Allen Hamilton and the RSA Conference Advisory Board, writes that individuals must remain vigilant to stay a step ahead of those wishing to inflict chaos. Here’s how humans and technology can work together in...
Hackers use free tools in new APT campaign against industrial sector firms
Attackers seek to make attribution harder and use sophisticated, realistic spear-phishing emails.
Global threat groups pose new political and economic dangers
Nation-state players in Iran, North Korea, Saudi Arabia and Russia are getting new objectives and changing strategies, say experts.
Russia’s Sandworm hacking group heralds new era of cyber warfare
In-depth research on Sandworm shows broad capabilities and scope to disrupt anything from critical infrastructure to political campaigns in any part of the world.
The 24/7 insider threat – Managing risk in a changing environment
A new model for managing insider risk in the “always-on” and “on-demand” workplace.
Examining and addressing threat detection and response challenges
Cybersecurity teams are fighting fires and still rely on manual processes. Meanwhile, the attack surface continues to grow. Process improvements are needed.