Best practices for implementing a proper backup strategy
Implementing a robust backup strategy for safeguarding crucial business data is more essential than ever. Without such a plan, organizations risk paying ransoms and incurring …
incident response
Shifting left and right, innovating product security
In this Help Net Security interview, Slava Bronfman, CEO at Cybellum, discusses approaches for achieving product security throughout a device’s entire lifecycle, …
Velociraptor: Open-source digital forensics and incident response
Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities. Velociraptor enables you to conduct …
Experts demand clarity as they struggle with cloud security prioritization
Cloud Native Application Protection Platforms (CNAPPs) have emerged as a critical category of security tooling in recent years due to the complexity of comprehensively …
Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks …
UAC: Live response collection script for incident response
Unix-like Artifacts Collector (UAC) is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of AIX, …
Citrix ADC zero-day exploitation: CISA releases details about attack on CI organization (CVE-2023-3519)
The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the …
Threat actors can exfiltrate data from Google Drive without leaving a trace
Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga …
Data-driven insights help prevent decisions based on fear
Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. “We launched the …
Microsoft unveils AI-powered Security Copilot analysis tool
Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations (SecOps) professionals’ work. …
Microsoft announces Microsoft Incident Response Retainer
Microsoft has introduced Microsoft Incident Response Retainer, allowing customers to pre-pay and count on help from Microsoft incident responders before, during and after a …
CISA releases free tool for detecting malicious activity in Microsoft cloud environments
Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) cloud environments have a new free solution …