Advanced Persistent Threats

Advanced Persistent Threats news, information, and how-to advice

binary monitor tech digital moody hacker threat

Report: Attack numbers fell last quarter, but attacks were more targeted and sophisticated

The total number of cybersecurity attacks fell by 35 percent in the last quarter of 2016, according to a new report, but the attacks became more targeted and sophisticated. Instead of general-purpose exploit kits and broad scanning,...

server cables orange

Machine behaviors that threaten enterprise security

Machine learning has moved enterprise security forward, allowing for visibility inside the network in order to better understand user behavior. However, malicious actors are using what is done with machine learning on the inside in...

Injection syringe needle vaccinate

Is antivirus getting worse?

Anti-virus software is getting worse at detecting both known and new threats, says a new report. Average detection rates for known malware went down a couple of percentage points slightly from 2015 to 2016, while detection rates for...

armor knight protect

Don't predict, protect

How businesses can actually protect themselves against a variety of threats.

When your threat intelligence just isn’t producing value you need to pivot

Josh Lefkowitz of Flashpoint shares his experience leading the pivot from threat intelligence to business risk intelligence and explains the enterprise benefit for security leaders

Shall we care about zero-day?

Gartner says that 99% of exploited vulnerabilities are publicly known. Does it mean we can ignore zero-days?

flooded house

Flood of threat intelligence overwhelming for many firms

Three years after Target missed alerts warning them abut a massive data breach, the amount of threat information coming in from security systems is still overwhelming for many companies, due to lack of expertise and integration issues....

hunting orange

It’s hunting season but who’s the prey?

There’s a trend in security operations to work to close the gap between discovering a breach after the damage has been inflicted, and delving deeper into the infrastructure to evaluate the “What/Where/When/How” in an effort to advance...

shamed

Name and shame cybersecurity: a gift for cybercriminals?

Cybersecurity “name and shame” practice may significantly boost global cybercrime.

hacker threat security

Which country has the best hackers: Russia or China?

Both are notorious for high-profile attacks, advanced persistent threats, and theft of money or intellectual property. And the award goes to ...

Cyber security breach attack on monitor with binary code

IT audits must consider the cyber kill chain and much more!

Its not enough to perform an IT audit to achieve compliance alone, Today's threat landscape includes sophisticated APT's, Advanced Persistent Threats, Remote access Trojans and Ransomeware to name a few, In order for an IT audit to...

Cybersecurity: is it really a question of when, not if?

Can you imagine your banker saying “it’s not a question of if I lose your money, but when will I lose your money”?

security group team circuitry

Cyber incident response: Who does what?

“Who in the government will help me if we face a significant cyber incident?”

wedding rings

How to make mergers and acquistions work

When tech companies "Merge and Purge" their IP, organizations on both sides of the trades can get nervous. Here's one recent deal that could actually mean a better set of solutions for everybody concerned.

ransomware moneybag

Hackers prey on human resources using ransomware

By nature of the data they handle, human resources are a prime target for hackers

Fake attacks by insiders to fool companies

Famous cybercrime groups and hacktivists “brands” may be a smokescreen to cover sophisticated insider attacks.

black hat logo

Black Hat basics: Ruminations on 19 years of Black Hat Briefings

As this is my first venture into the world of blogs for CSO, the timing coincides with one of my favorite summer activities—traveling each August to the American desert, to roast in the Nevada sun, and attend the Black Hat Briefings....

cybersecurity

Digital security officer recruitment challenges and victories on the cyber battlefield

Veteran cybersecurity recruiter and leadership adviser S. A. Spagnuolo, of global executive search firm ZRG Partners, offers greetings to the reading audience, provides a quick primer on his background and sets his agenda going...

unveil disclosure

Defining ransomware and data breach disclosure

Does a ransomware attack cause the “acquisition, access, use or disclosure” of ePHI?” No court decision has yet to address this issue, but expert commentators have taken either side of the argument.

insider threat

9 critical controls for today's threats

Many controls we've used for years can't effectively deal with today's threats. We must extend some and add others to prevent, detect, and respond to emerging threats to our business operations.

Load More