There is hardly an organization out there that isn’t planning or hasn’t already taken advantage of the cloud. And, according to Threat Stack CTO Sam Bisbee, there is hardly a technology-oriented organization anywhere on the small-business to-enterprise spectrum that isn’t a good candidate for SecOps. But the use of these technologies has to be …
In this podcast recorded at Black Hat USA 2017, Dr. Richard Ford, Chief Scientist at Forcepoint, talks about the security industry’s need of a paradigm shift toward examining user behavior and intent. Here’s a transcript of the podcast for your convenience. Hello, my name is Dr. Richard Ford, I’m the Chief Scientist over at …
WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files. They dubbed the malware “EV ransomware”, due to the .ev extension that is added to the encrypted files. About EV ransomware The ransomware is uploaded once …
What will it take for cybersecurity policy to finally catch up to the digital age? I get this question often, and increasingly I worry that it will take a true “black swan” event to shock the system. Black swan events are rare, come as a surprise, and have a major impact. However, in 2017 alone, we seem to have already spotted a few black …
Smartphone users can now add a new entry to the list of things they need to worry about: their …
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, …
In this podcast recorded at Black Hat USA 2017, Tim White, Director of Product Management, Policy Compliance at Qualys, discusses the importance of security configuration assessment as part of a comprehensive vulnerability management program, …
More and more shopping Web sites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them – even if they are using blockchain anonymity techniques such as CoinJoin. …
I play a lot of video games and one of the things I’ve noticed is that when you first start playing, the game often keeps you from venturing into places where you’re likely to fail. Sometimes, this comes in the form of an obstacle you can’t pass …
Today, analysts must either have advanced data science skills to build hunting algorithms that detect suspicious cyber behaviors or rely on blackbox vendor tools that package rigid algorithms. Sqrrl Enterprise 2.8 introduces the ability for …
Smartphone users can now add a new entry to the list of things they need to worry about: their phones being compromised via replacement parts. A group of researchers from Ben-Gurion University of the Negev has demonstrated that hardware …
There is hardly an organization out there that isn’t planning or hasn’t already taken advantage of the cloud. And, according to Threat Stack CTO Sam Bisbee, there is hardly a technology-oriented organization anywhere on the small-business …
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately leading to a RAT infection. What is curious about this particular attack …
In this podcast recorded at Black Hat USA 2017, Tim White, Director of Product Management, Policy Compliance at Qualys, discusses the importance of security configuration assessment as part of a comprehensive vulnerability management program, …
